diff --git a/po/bg.po b/po/bg.po index 831ee28b8a..02183f1379 100644 --- a/po/bg.po +++ b/po/bg.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:44+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Bulgarian (http://www.transifex.com/projects/p/sssd/language/" @@ -20,1539 +20,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Задава ниво на подробност на debug лог записите" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Включва час и дата в debug лога" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Записва debug съобщенията в логфайлове" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Команда за стартиране на услугата" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Време за опити за връзка с Data Provider-и" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "SSSD услуги за стартиране" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "SSSD домейни за стартиране" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Изчакване за съобщения, изпратени през SBUS" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "Regex за намиране на потребителско име и домейн" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "Printf-съвместим формат за изобразяване на пълно-квалифицирани имена" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Потребители, които SSSD изрично трябва да игнорира" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Групи, които SSSD изрично трябва да игнорира" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Да се показват ли филтрираните потребители в групи" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "Стойността на полето парола, което NSS доставчикът трябва да върне" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "Колко дни да се позволява кеширано влизане между влизания онлайн" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "Колко неуспешни опита за влизане са разрешени, когато сме офлайн" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" -"Колко време (в минути) да е забранено влизането, след достигане броя " -"неуспешни опити за влизане, когато сме офлайн" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Доставчик на самоличност" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Доставчик на удостоверяване" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Доставчик на контрол на достъп" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Доставчик на смяна на парола" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Минимално ID на потребител" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Максимално ID на потребител" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Кеширай идентификационни данни за офлайн влизане" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Показвай потребители/групи в пълно -валифицирана форма" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "Ограничава или предпочита определена фамилия адреси при DNS търсения" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" -"Колко дни да се пазят кешираните записи след последното успешно влизане" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" -"Колко време да чакам за отговори от DNS при търсене на сървъри (секунди)" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "Частта Домейн от DNS заявката за откриване на услуга" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "Интерфейсът, чийто IP да се ползва за динамични DNS обновявания" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA домейн" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "Адрес на IPA сървър" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "Име на хост на IPA клиент" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "LDAP филтър за определяне права на достъп" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Адрес на Kerberos сървър" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Kerberos област" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Директория за съхранение на кеша за данни за удостоверяване" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Местоположение на кеша за данни за удостоверяване на потребители" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Местоположение на keytab за валидиране на данните за удостоверяване" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Разреши проверката на данните за удостоверяване" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "Записва паролата ако е офлайн за по-късно удостоверяване" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "Сървърът, на който работи услугата за смяна на парола ако не е на KDC" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, URI на LDAP сървъра" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "Базовият DN по подразбиране" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Използваният тип схема на LDAP сървъра, rfc2307" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "Подразбиращият се bind DN" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Продължителност на опитите за свързване" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Продължителност на опитите за синхронни LDAP операции" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "Продължителност на времето между опитите за връзка докато е офлайн" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Файл, съдържащ CA сертификати" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Път до директорията на CA сертификат" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Изисква TLS проверка на сертификат" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Задава за използване механизма sasl" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Задаване на sasl authorization id за употреба" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "keytab на Kerberos услуга" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Ползвай Kerberos auth за LDAP връзка" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Следвай LDAP референциите" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "Продължителност на живот на TGT за LDAP връзка" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Продължителност на време за изчакване на заявка за търсене" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Продължителност на време между актуализации на изброяване" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "Изисква TLS за ИД справките" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "атрибут Потребителско име" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "атрибут UID" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "атрибут Първичен GID" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "атрибут GECOS" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "атрибут Домашна директория" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "атрибут Команден интерпретатор" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "атрибут User principal (за Kerberos)" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Пълно име" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "атрибут членНа" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "атрибут Момент на промяна" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Политика за определяне срок на валидност на парола" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Списък разрешени потребители, разделени със запетая" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Списък забранени потребители, разделени със запетая" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Подразбиращ се команден интерпретатор, /bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Място за домашните директории" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "Продължава като демон (по подразбиране)" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "Интерактивна работа (а не като демон)" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "Задаване на друг (не подразбиращия се) конфиг файл" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "Ниво на debug" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1592,7 +108,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2407,7 +923,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2584,44 +1100,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2830,3 +1346,246 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Задава ниво на подробност на debug лог записите" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Включва час и дата в debug лога" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Записва debug съобщенията в логфайлове" + +#~ msgid "Command to start service" +#~ msgstr "Команда за стартиране на услугата" + +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "Време за опити за връзка с Data Provider-и" + +#~ msgid "SSSD Services to start" +#~ msgstr "SSSD услуги за стартиране" + +#~ msgid "SSSD Domains to start" +#~ msgstr "SSSD домейни за стартиране" + +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Изчакване за съобщения, изпратени през SBUS" + +#~ msgid "Regex to parse username and domain" +#~ msgstr "Regex за намиране на потребителско име и домейн" + +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "" +#~ "Printf-съвместим формат за изобразяване на пълно-квалифицирани имена" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Потребители, които SSSD изрично трябва да игнорира" + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Групи, които SSSD изрично трябва да игнорира" + +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Да се показват ли филтрираните потребители в групи" + +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "Стойността на полето парола, което NSS доставчикът трябва да върне" + +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "Колко дни да се позволява кеширано влизане между влизания онлайн" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "Колко неуспешни опита за влизане са разрешени, когато сме офлайн" + +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Колко време (в минути) да е забранено влизането, след достигане броя " +#~ "неуспешни опити за влизане, когато сме офлайн" + +#~ msgid "Identity provider" +#~ msgstr "Доставчик на самоличност" + +#~ msgid "Authentication provider" +#~ msgstr "Доставчик на удостоверяване" + +#~ msgid "Access control provider" +#~ msgstr "Доставчик на контрол на достъп" + +#~ msgid "Password change provider" +#~ msgstr "Доставчик на смяна на парола" + +#~ msgid "Minimum user ID" +#~ msgstr "Минимално ID на потребител" + +#~ msgid "Maximum user ID" +#~ msgstr "Максимално ID на потребител" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "Кеширай идентификационни данни за офлайн влизане" + +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Показвай потребители/групи в пълно -валифицирана форма" + +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Ограничава или предпочита определена фамилия адреси при DNS търсения" + +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Колко дни да се пазят кешираните записи след последното успешно влизане" + +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "" +#~ "Колко време да чакам за отговори от DNS при търсене на сървъри (секунди)" + +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "Частта Домейн от DNS заявката за откриване на услуга" + +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "Интерфейсът, чийто IP да се ползва за динамични DNS обновявания" + +#~ msgid "IPA domain" +#~ msgstr "IPA домейн" + +#~ msgid "IPA server address" +#~ msgstr "Адрес на IPA сървър" + +#~ msgid "IPA client hostname" +#~ msgstr "Име на хост на IPA клиент" + +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA" + +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "LDAP филтър за определяне права на достъп" + +#~ msgid "Kerberos server address" +#~ msgstr "Адрес на Kerberos сървър" + +#~ msgid "Kerberos realm" +#~ msgstr "Kerberos област" + +#~ msgid "Directory to store credential caches" +#~ msgstr "Директория за съхранение на кеша за данни за удостоверяване" + +#~ msgid "Location of the user's credential cache" +#~ msgstr "Местоположение на кеша за данни за удостоверяване на потребители" + +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Местоположение на keytab за валидиране на данните за удостоверяване" + +#~ msgid "Enable credential validation" +#~ msgstr "Разреши проверката на данните за удостоверяване" + +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "Записва паролата ако е офлайн за по-късно удостоверяване" + +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "" +#~ "Сървърът, на който работи услугата за смяна на парола ако не е на KDC" + +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, URI на LDAP сървъра" + +#~ msgid "The default base DN" +#~ msgstr "Базовият DN по подразбиране" + +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Използваният тип схема на LDAP сървъра, rfc2307" + +#~ msgid "The default bind DN" +#~ msgstr "Подразбиращият се bind DN" + +#~ msgid "Length of time to attempt connection" +#~ msgstr "Продължителност на опитите за свързване" + +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Продължителност на опитите за синхронни LDAP операции" + +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "Продължителност на времето между опитите за връзка докато е офлайн" + +#~ msgid "File that contains CA certificates" +#~ msgstr "Файл, съдържащ CA сертификати" + +#~ msgid "Path to CA certificate directory" +#~ msgstr "Път до директорията на CA сертификат" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "Изисква TLS проверка на сертификат" + +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Задава за използване механизма sasl" + +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Задаване на sasl authorization id за употреба" + +#~ msgid "Kerberos service keytab" +#~ msgstr "keytab на Kerberos услуга" + +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Ползвай Kerberos auth за LDAP връзка" + +#~ msgid "Follow LDAP referrals" +#~ msgstr "Следвай LDAP референциите" + +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "Продължителност на живот на TGT за LDAP връзка" + +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Продължителност на време за изчакване на заявка за търсене" + +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Продължителност на време между актуализации на изброяване" + +#~ msgid "Require TLS for ID lookups" +#~ msgstr "Изисква TLS за ИД справките" + +#~ msgid "Username attribute" +#~ msgstr "атрибут Потребителско име" + +#~ msgid "UID attribute" +#~ msgstr "атрибут UID" + +#~ msgid "Primary GID attribute" +#~ msgstr "атрибут Първичен GID" + +#~ msgid "GECOS attribute" +#~ msgstr "атрибут GECOS" + +#~ msgid "Home directory attribute" +#~ msgstr "атрибут Домашна директория" + +#~ msgid "Shell attribute" +#~ msgstr "атрибут Команден интерпретатор" + +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "атрибут User principal (за Kerberos)" + +#~ msgid "Full Name" +#~ msgstr "Пълно име" + +#~ msgid "memberOf attribute" +#~ msgstr "атрибут членНа" + +#~ msgid "Modification time attribute" +#~ msgstr "атрибут Момент на промяна" + +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Политика за определяне срок на валидност на парола" + +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Списък разрешени потребители, разделени със запетая" + +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Списък забранени потребители, разделени със запетая" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Подразбиращ се команден интерпретатор, /bin/bash" + +#~ msgid "Base for home directories" +#~ msgstr "Място за домашните директории" diff --git a/po/ca.po b/po/ca.po index c0127b1097..170d652e32 100644 --- a/po/ca.po +++ b/po/ca.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2017-10-15 03:02+0000\n" "Last-Translator: Robert Antoni Buj Gelonch \n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -26,1651 +26,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Estableix la verbositat del registre de depuració" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Inclou les marques temporals als registres de depuració" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" -"Inclou els mil·lisegons a les marques temporals als registres de depuració" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Escriu els missatges de depuració als fitxers dels registres" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "L'ordre per iniciar el servei" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "El nombre de vegades per intentar la connexió als proveïdors de dades" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" -"El nombre de descriptors de fitxers que poden estar oberts per aquest " -"contestador" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "El temps d'inactivitat abans de la desconnexió automàtica d'un client" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Els serveis del SSSD a iniciar" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "Els dominis del SSSD a iniciar" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "El temps d'expiració per als missatges enviats a través del SBUS" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "L'expressió regular per analitzar el nom d'usuari i el domini" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "Format compatible amb printf per mostrar els FQN" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"El directori del sistema de fitxers on el SSSD ha d'emmagatzemar els fitxers " -"de la memòria cau de repetició de Kerberos." - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "El domini per afegir als noms sense un component de domini." - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "L'usuari a qui se li disminueixen els permisos" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" -"Tots els espais, als noms dels grups o dels usuaris, se substituiran amb " -"aquest caràcter" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" -"Període de temps per a l'expiració de la memòria cau de les enumeracions (en " -"segons)" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" -"Període de temps per a l'expiració de l'actualització en rerefons de les " -"entrades de la memòria cau (en segons)" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" -"Període de temps per a l'expiració de la memòria cau negativa (en segons)" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Els usuaris que l'SSSD hauria d'ignorar explícitament" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Els grups que l'SSSD hauria d'ignorar explícitament" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Si els usuaris filtrats han d'aparèixer als grups" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" -"El valor del camp de la contrasenya que ha de retornar el proveïdor NSS" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" -"Substitueix el valor de homedir del proveïdor d'identitat amb aquest valor" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" -"Substitueix el valor buit de homedir del proveïdor d'identitat amb aquest " -"valor" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" -"Substitueix el valor del shell del proveïdor d'identitat amb aquest valor" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" -"La llista dels shells que els usuaris poden utilitzar per iniciar la sessió" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" -"La llista dels shells que es vetaran i se substituiran amb el shell " -"alternatiu" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" -"Si un shell emmagatzemat al directori central està permès però no es troba " -"disponible, utilitza aquesta alternativa" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "El shell a utilitzar si el proveïdor no en llista cap" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "Quant de temps seran vàlids els registres a la memòria cau" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" -"Quant de temps s'ha de permetre entre els inicis de sessions en memòria cau " -"i els inicis de sessions en línia (en dies)" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" -"Quants intents fallits d'inicis de sessió es permeten quan s'està " -"desconnectat" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" -"Quant de temps (en minuts) s'ha de denegar l'inici de sessió després d'haver " -"assolit offline_failed_login_attempts" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "Quins tipus de missatges es mostren a l'usuari durant l'autenticació" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" -"Quants segons s'ha de mantenir la informació en la memòria cau per a les " -"peticions PAM" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" -"Quants dies abans del venciment de la contrasenya s'hauria de mostrar una " -"advertència" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "La llista dels uid o dels noms d'usuari de confiança" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" -"La llista dels dominis accessibles fins i tot per als usuaris que no són de " -"confiança." - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "El missatge que es mostra quan venç el compte de l'usuari." - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "Si s'avaluen els atributs basats en temps a les regles sudo" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" -"Si s'esbocinen els noms i les adreces dels amfitrions al fitxer known_hosts" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" -"Quants segons s'ha de mantenir un amfitrió al fitxer known_hosts després que " -"s'hagi sol·licitat la seva clau" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" -"La llista dels UID o dels noms d'usuari que poden accedir al contestador del " -"PAC" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" -"La llista dels UID o dels noms d'usuari que poden accedir al contestador de " -"l'InfoPipe" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "La llista dels atributs de l'usuari que l'InfoPipe pot publicar" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Proveïdor d'identitat" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Proveïdor d'autenticació" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Proveïdor de control d'accés" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Proveïdor de canvi de contrasenya" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "Proveïdor de SUDO" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "Proveïdor d'Autofs" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "Proveïdor d'identitat d'amfitrions" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Id. mínim d'usuari" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Id. màxim d'usuari" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Habilita l'enumeració de tots els usuaris/grups" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Credencials en memòria cau per als inicis de sessions sense connexió" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Mostra els usuaris/grups en format plenament qualificat" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "No incloure als membres dels grups en la recerca del grup" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" -"Període de temps per a l'expiració de les entrades de la memòria cau (en " -"segons)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" -"Restringeix o prefereix una família específica d'adreces quan es realitzi la " -"recerca del DNS" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" -"Quant de temps s'han de mantenir les entrades en la memòria cau després de " -"l'últim inici de sessió reeixit (en dies)" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" -"Temps d'expiració per a les respostes del DNS en la resolució dels servidors " -"(en segons)" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "La part del domini de la consulta DNS del descobriment del servei" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" -"Substitueix el valor del GID del proveïdor d'identitat amb aquest valor" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "Distingeix entre majúscules i minúscules als noms d'usuari" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "Amb quina freqüència les entrades vençudes s'actualitzen al rerefons" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "Si s'actualitza automàticament l'entrada DNS del client" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "El TTL per aplicar a l'entrada DNS del client després d'actualitzar-ho" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" -"La interfície amb la IP que s'hauria d'utilitzar per a les actualitzacions " -"dinàmiques DNS" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "Cada quant s'actualitzarà automàticament l'entrada DNS del client" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "Si el proveïdor ha d'actualitzar explícitament així el registre PTR" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "Si la utilitat nsupdate per defecte ha d'utilitzar TCP" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" -"Quin tipus d'autenticació s'ha d'utilitzar per realitzar l'actualització del " -"DNS" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "Control de l'enumeració dels amfitrions de confiança" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "Amb quina freqüència s'ha de refrescar la llista dels subdominis" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "Llista de les opcions que han de ser inherents a un subdomini" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "Domini IPA" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "Adreça del servidor IPA" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "Adreça del servidor IPA de reserva " - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "Nom d'amfitrió del client IPA" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "Si s'actualitza automàticament l'entrada DNS del client a FreeIPA" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "Base de cerca per als objectes relacionats amb HBAC" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" -"Quantitat de temps entre recerques de les regles HBAC contra el servidor IPA" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" -"Quantitat de temps en segons entre recerques de les assignacions SELinux " -"contra el servidor IPA" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" -"Si s'estableix a fals, s'ignorarà l'argument de l'amfitrió proporcionat amb " -"PAM" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" -"La ubicació de l'eina de muntatge automàtic que aquest client IPA està " -"utilitzant" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" -"Base de cerca per a l'objecte que conté la informació sobre el domini de " -"l'IPA" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" -"Base de cerca per als objectes que contenen informació sobre els intervals " -"d'id." - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" -"Habilita els llocs DNS - el descobriment del servei es basa en la ubicació" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "Base de cerca per als contenidors de la vista" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "Objectclass per als contenidors de la vista" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "L'atribut amb el nom de la vista" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "Objectclass per substituir els objectes" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "L'atribut amb la referència a l'objecte original" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "Objectclass per als objectes de substitució d'usuari" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "Objectclass per als objectes de substitució de grup" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "Domini Active Directory" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "Adreça del servidor de l'Active Directory" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "Adreça del servidor de l'Active Directory de reserva" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "Nom d'amfitrió del client d'Active Directory" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "Filtre LDAP per determinar els privilegis d'accés" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "Si s'utilitza el catàleg global per a les recerques" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "Mode d'operació per al control d'accés basat en GPO" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" -"Quantitat de temps entre recerques de fitxers de polítiques GPO contra el " -"servidor d'AD" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" -"Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " -"(Deny)InteractiveLogonRight del GPO" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" -"Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " -"(Deny)RemoteInteractiveLogonRight del GPO" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" -"Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " -"(Deny)NetworkLogonRight del GPO" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" -"Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " -"(Deny)BatchLogonRight del GPO" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" -"Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " -"(Deny)ServiceLogonRight del GPO" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" -"Noms dels serveis del PAM als quals sempre se'ls garanteix l'accés basat en " -"GPO" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" -"Noms dels serveis del PAM als quals sempre se'ls denega l'accés basat en GPO" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" -"Dret (permet o denega) predeterminat de l'inici de sessió a utilitzar per " -"als noms dels serveis del PAM sense assignar" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "un lloc determinat per utilitzar amb el client" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Adreça del servidor Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "Adreça del servidor Kerberos de reserva" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Reialme Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Temps d'expiració de l'autenticació" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "Si es creen els fitxers kdcinfo" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "Si es rebutgen les parts de la configuració del krb5" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Directori per emmagatzemar la memòria cau de les credencials" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Ubicació de la memòria cau de les credencials de l'usuari" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Ubicació de la clau per validar les credencials" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Habilita la validació de credencials" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" -"Emmagatzema la contrasenya si s'està desconnectat per a l'autenticació " -"posterior amb connexió" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "Temps de vida renovable del TGT" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "Temps de vida del TGT" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "Temps entre les dues comprovacions per a la renovació" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "Habilita FAST" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "Selecciona el principal per utilitzar amb FAST" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "Habilita la canonització del principal" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "Habilita els principals empresarials" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" -"Servidor on es troba el servei de canvi de contrasenya si no està al KDC" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, L'URI del servidor LDAP" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "ldap_backup_uri, L'URI del servidor LDAP" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "El DN base per defecte" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "El tipus d'esquema en ús al servidor LDAP, rfc2307" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "El DN de creació del vincle per defecte" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" -"El tipus del testimoni d'autenticació del DN de creació del vincle per " -"defecte" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "El testimoni d'autenticació del DN de creació del vincle per defecte" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Període de temps per intentar una connexió" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Període de temps per intentar operacions LDAP asíncrones" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" -"Període de temps entre els intents per tornar a connectar mentre s'està " -"desconnectat" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "Utilitza només majúscules pels noms de reialme" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Fitxer que conté els certificats de l'AC" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Camí al directori del certificat de l'AC" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "Fitxer que conté el certificat de client" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "Fitxer que conté la clau de client" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "Llista de paquets de xifrat possibles" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Requereix verificació de certificat TLS" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Especifica el mecanisme SASL a utilitzar" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Especifica l'id. d'autorització SASL a utilitzar" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "Especifica el reialme d'autorització SASL a utilitzar" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "Especifica el SSF mínim per a l'autorització SASL de LDAP" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Taula de claus del servei del Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Utilitza l'autenticació Kerberos per a la connexió LDAP" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Segueix les referències LDAP" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "Temps de vida del TGT per la connexió LDAP" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "Com desreferenciar els àlies" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "Nom del servei per a la recerca del servei del DNS" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "El nombre de registres a recuperar en una sola consulta LDAP" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" -"El nombre de membres que han de faltar per activar una de-referència completa" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" -"Si la biblioteca LDAP hauria de realitzar una recerca inversa per canonitzar " -"el nom d'amfitrió durant la creació del vincle SASL" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "L'atribut entryUSN" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "L'atribut lastUSN" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" -"Quant de temps s'ha de retenir una connexió al servidor LDAP abans de " -"desconnectar" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "Inhabilita el control de paginació LDAP" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "Inhabilita la recuperació de l'interval de l'Active Directory" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Període de temps per esperar una petició de cerca" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "Període de temps per esperar una petició d'enumeració" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Període de temps entre les actualitzacions de les enumeracions" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "Període de temps entre les neteges de la memòria cau" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "Requereix TLS per a la recerca d'id." - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" -"Utilitza l'assignació dels id. de l'objectSID en lloc dels id. pre-establerts" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "DN base per a la recerca de l'usuari" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Abast de la recerca de l'usuari" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Filtre per a la recerca de l'usuari" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Objectclass per als usuaris" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "L'atribut nom d'usuari" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "L'atribut UID" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "L'atribut GID primari" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "L'atribut GECOS" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "L'atribut directori inicial" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "L'atribut shell" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "L'atribut UUID" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "L'atribut objectSID" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "L'atribut grup primari de l'Active Directory per a l'assignació d'id." - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "L'atribut usuari principal (per a Kerberos)" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Nom complet" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "L'atribut memberOf" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "L'atribut data de modificació" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "L'atribut shadowLastChange" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "L'atribut shadowMin" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "L'atribut shadowMax" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "L'atribut shadowWarning" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "L'atribut shadowInactive" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "L'atribut shadowExpire" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "L'atribut shadowFlag" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "L'atribut que llista els serveis PAM autoritzats" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "L'atribut que llista els amfitrions dels servidors autoritzats" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "L'atribut krbLastPwdChange" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "L'atribut krbPasswordExpiration" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" -"L'atribut que indica l'activació de les polítiques de contrasenya de servidor" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "L'atribut accountExpires de l'AD" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "L'atribut userAccountControl de l'AD" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "L'atribut nsAccountLock" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "L'atribut loginDisabled del NDS" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "L'atribut loginExpirationTime del NDS" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "L'atribut loginAllowedTimeMap del NDS" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "L'atribut clau pública SSH" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "atribut que llista els tipus permesos d'autenticació per a un usuari" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "atribut que conté el certificat X509 de l'usuari" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" -"Una llista dels atributs extres per baixar juntament amb l'entrada de " -"l'usuari" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "DN base per a la recerca del grup" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "L'objectclass per als grups" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Nom del grup" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Contrasenya del grup" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "L'atribut GID" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "L'atribut membre del grup" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "L'atribut UUID del grup" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "L'atribut data de modificació per als grups" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "Tipus del grup i altres senyals" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "DN base per a la recerca del grup de xarxa" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "L'objectclass per als grups de xarxa" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "Nom de grup de xarxa" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "L'atribut membres del grup de xarxa" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "L'atribut triple del grup de xarxa" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "L'atribut data de modificació per als grups de xarxa" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "DN base per a la recerca del servei" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "Objectclass per als serveis" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "L'atribut nom del servei" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "L'atribut port del servei" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "L'atribut protocol del servei" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "Límit inferior per a l'assignació d'id." - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "Límit superior per a l'assignació d'id." - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "Nombres d'id. per cada porció en l'assignació d'id." - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "Utilitza l'algoritme compatible d'autorid per a l'assignació d'id." - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "Nom del domini per defecte per a l'assignació d'id." - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "SID del domini per defecte per a l'assignació d'id." - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "Si s'utilitzen els grups amb testimonis" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "Estableix el límit inferior per als id. permesos del servidor LDAP" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "Estableix el límit superior per als id. permesos del servidor LDAP" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "DN per a les consultes ppolicy" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Política per avaluar el venciment de la contrasenya" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" -"Quins atributs s'haurien d'utilitzar per avaluar si el compte ha vençut" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "Quines regles s'haurien d'utilitzar per avaluar el control d'accés" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "URI d'un servidor LDAP on es permeten els canvis de contrasenya" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" -"URI d'un servidor LDAP de reserva on es permeten els canvis de contrasenya" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "Nom del servei DNS pel servidor LDAP de canvi de contrasenyes" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" -"Si s'actualitza l'atribut ldap_user_shadow_last_change després d'un canvi de " -"contrasenya" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "DN base per a la recerca de les regles sudo" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "Període d'actualització automàtica completa" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "Període d'actualització automàtica intel·ligent" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "Si es filtren les regles per nom d'amfitrió, adreça IP i xarxa" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" -"Noms d'amfitrió i/o noms de domini plenament qualificat d'aquesta màquina " -"per filtrar les regles de sudo" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" -"Adreces IPv4 o IPv6 o xarxa d'aquesta màquina per filtrar regles de sudo" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" -"Si s'inclouen les regles que contenen el grup de xarxa a l'atribut de " -"l'amfitrió" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" -"Si s'inclouen les regles que contenen expressions regulars a l'atribut de " -"l'amfitrió" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "Objectclass de les regles sudo" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "Nom de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "Attribut command de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "L'atribut host de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "L'atribut user de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "L'atribut option de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "L'atribut runas de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "L'atribut runasuser de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "L'atribut runasgroup de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "L'atribut notbefore de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "L'atribut notafter de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "L'atribut order de la regla sudo" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "Objectclass per a les assignacions de l'eina de muntatge automàtic" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "L'atribut nom de l'assignació de l'eina de muntatge automàtic" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" -"Objectclass per a les entrades de les assignacions de l'eina de muntatge " -"automàtic" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" -"L'atribut clau d'entrada de l'assignació de l'eina de muntatge automàtic" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" -"L'atribut valor de l'entrada de l'assignació l'eina de muntatge automàtic" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" -"DN base per a la recerca de l'assignació de l'eina de muntatge automàtic" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Llista separada per comes dels usuaris autoritzats" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Llista separada per comes dels usuaris no autoritzats" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "El shell predeterminat, /bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Base per als directoris inicials" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "El nom de la biblioteca NSS a utilitzar" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" -"Si se cerca el nom del grup canònic des de la memòria cau, si és possible" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "Pila PAM a utilitzar" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "Esdevé un dimoni (per defecte)" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "Executa en mode interactiu (no com a dimoni)" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "Especifica un fitxer de configuració diferent del predeterminat" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "Imprimeix el número de versió i surt" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "Nivell de depuració" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "Afegeix les marques temporals de depuració" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "Mostra les marques temporals amb microsegons" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "Un descriptor de fitxer obert pels registres de depuració" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "Envia directament la sortida de depuració al stderr." @@ -1710,7 +114,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "Domini del proveïdor d'informació (obligatori)" @@ -2567,7 +971,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2744,44 +1148,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "\n" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2990,3 +1394,1032 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Estableix la verbositat del registre de depuració" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Inclou les marques temporals als registres de depuració" + +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "" +#~ "Inclou els mil·lisegons a les marques temporals als registres de depuració" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Escriu els missatges de depuració als fitxers dels registres" + +#~ msgid "Command to start service" +#~ msgstr "L'ordre per iniciar el servei" + +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "" +#~ "El nombre de vegades per intentar la connexió als proveïdors de dades" + +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "" +#~ "El nombre de descriptors de fitxers que poden estar oberts per aquest " +#~ "contestador" + +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "" +#~ "El temps d'inactivitat abans de la desconnexió automàtica d'un client" + +#~ msgid "SSSD Services to start" +#~ msgstr "Els serveis del SSSD a iniciar" + +#~ msgid "SSSD Domains to start" +#~ msgstr "Els dominis del SSSD a iniciar" + +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "El temps d'expiració per als missatges enviats a través del SBUS" + +#~ msgid "Regex to parse username and domain" +#~ msgstr "L'expressió regular per analitzar el nom d'usuari i el domini" + +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "Format compatible amb printf per mostrar els FQN" + +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "" +#~ "El directori del sistema de fitxers on el SSSD ha d'emmagatzemar els " +#~ "fitxers de la memòria cau de repetició de Kerberos." + +#~ msgid "Domain to add to names without a domain component." +#~ msgstr "El domini per afegir als noms sense un component de domini." + +#~ msgid "The user to drop privileges to" +#~ msgstr "L'usuari a qui se li disminueixen els permisos" + +#~ msgid "" +#~ "All spaces in group or user names will be replaced with this character" +#~ msgstr "" +#~ "Tots els espais, als noms dels grups o dels usuaris, se substituiran amb " +#~ "aquest caràcter" + +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "" +#~ "Període de temps per a l'expiració de la memòria cau de les enumeracions " +#~ "(en segons)" + +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "" +#~ "Període de temps per a l'expiració de l'actualització en rerefons de les " +#~ "entrades de la memòria cau (en segons)" + +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "" +#~ "Període de temps per a l'expiració de la memòria cau negativa (en segons)" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Els usuaris que l'SSSD hauria d'ignorar explícitament" + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Els grups que l'SSSD hauria d'ignorar explícitament" + +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Si els usuaris filtrats han d'aparèixer als grups" + +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "" +#~ "El valor del camp de la contrasenya que ha de retornar el proveïdor NSS" + +#~ msgid "Override homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Substitueix el valor de homedir del proveïdor d'identitat amb aquest valor" + +#~ msgid "" +#~ "Substitute empty homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Substitueix el valor buit de homedir del proveïdor d'identitat amb aquest " +#~ "valor" + +#~ msgid "Override shell value from the identity provider with this value" +#~ msgstr "" +#~ "Substitueix el valor del shell del proveïdor d'identitat amb aquest valor" + +#~ msgid "The list of shells users are allowed to log in with" +#~ msgstr "" +#~ "La llista dels shells que els usuaris poden utilitzar per iniciar la " +#~ "sessió" + +#~ msgid "" +#~ "The list of shells that will be vetoed, and replaced with the fallback " +#~ "shell" +#~ msgstr "" +#~ "La llista dels shells que es vetaran i se substituiran amb el shell " +#~ "alternatiu" + +#~ msgid "" +#~ "If a shell stored in central directory is allowed but not available, use " +#~ "this fallback" +#~ msgstr "" +#~ "Si un shell emmagatzemat al directori central està permès però no es " +#~ "troba disponible, utilitza aquesta alternativa" + +#~ msgid "Shell to use if the provider does not list one" +#~ msgstr "El shell a utilitzar si el proveïdor no en llista cap" + +#~ msgid "How long will be in-memory cache records valid" +#~ msgstr "Quant de temps seran vàlids els registres a la memòria cau" + +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "Quant de temps s'ha de permetre entre els inicis de sessions en memòria " +#~ "cau i els inicis de sessions en línia (en dies)" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "" +#~ "Quants intents fallits d'inicis de sessió es permeten quan s'està " +#~ "desconnectat" + +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Quant de temps (en minuts) s'ha de denegar l'inici de sessió després " +#~ "d'haver assolit offline_failed_login_attempts" + +#~ msgid "" +#~ "What kind of messages are displayed to the user during authentication" +#~ msgstr "" +#~ "Quins tipus de missatges es mostren a l'usuari durant l'autenticació" + +#~ msgid "" +#~ "How many seconds to keep identity information cached for PAM requests" +#~ msgstr "" +#~ "Quants segons s'ha de mantenir la informació en la memòria cau per a les " +#~ "peticions PAM" + +#~ msgid "" +#~ "How many days before password expiration a warning should be displayed" +#~ msgstr "" +#~ "Quants dies abans del venciment de la contrasenya s'hauria de mostrar una " +#~ "advertència" + +#~ msgid "List of trusted uids or user's name" +#~ msgstr "La llista dels uid o dels noms d'usuari de confiança" + +#~ msgid "List of domains accessible even for untrusted users." +#~ msgstr "" +#~ "La llista dels dominis accessibles fins i tot per als usuaris que no són " +#~ "de confiança." + +#~ msgid "Message printed when user account is expired." +#~ msgstr "El missatge que es mostra quan venç el compte de l'usuari." + +#~ msgid "Whether to evaluate the time-based attributes in sudo rules" +#~ msgstr "Si s'avaluen els atributs basats en temps a les regles sudo" + +#~ msgid "Whether to hash host names and addresses in the known_hosts file" +#~ msgstr "" +#~ "Si s'esbocinen els noms i les adreces dels amfitrions al fitxer " +#~ "known_hosts" + +#~ msgid "" +#~ "How many seconds to keep a host in the known_hosts file after its host " +#~ "keys were requested" +#~ msgstr "" +#~ "Quants segons s'ha de mantenir un amfitrió al fitxer known_hosts després " +#~ "que s'hagi sol·licitat la seva clau" + +#~ msgid "List of UIDs or user names allowed to access the PAC responder" +#~ msgstr "" +#~ "La llista dels UID o dels noms d'usuari que poden accedir al contestador " +#~ "del PAC" + +#~ msgid "List of UIDs or user names allowed to access the InfoPipe responder" +#~ msgstr "" +#~ "La llista dels UID o dels noms d'usuari que poden accedir al contestador " +#~ "de l'InfoPipe" + +#~ msgid "List of user attributes the InfoPipe is allowed to publish" +#~ msgstr "La llista dels atributs de l'usuari que l'InfoPipe pot publicar" + +#~ msgid "Identity provider" +#~ msgstr "Proveïdor d'identitat" + +#~ msgid "Authentication provider" +#~ msgstr "Proveïdor d'autenticació" + +#~ msgid "Access control provider" +#~ msgstr "Proveïdor de control d'accés" + +#~ msgid "Password change provider" +#~ msgstr "Proveïdor de canvi de contrasenya" + +#~ msgid "SUDO provider" +#~ msgstr "Proveïdor de SUDO" + +#~ msgid "Autofs provider" +#~ msgstr "Proveïdor d'Autofs" + +#~ msgid "Host identity provider" +#~ msgstr "Proveïdor d'identitat d'amfitrions" + +#~ msgid "Minimum user ID" +#~ msgstr "Id. mínim d'usuari" + +#~ msgid "Maximum user ID" +#~ msgstr "Id. màxim d'usuari" + +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Habilita l'enumeració de tots els usuaris/grups" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "" +#~ "Credencials en memòria cau per als inicis de sessions sense connexió" + +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Mostra els usuaris/grups en format plenament qualificat" + +#~ msgid "Don't include group members in group lookups" +#~ msgstr "No incloure als membres dels grups en la recerca del grup" + +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "" +#~ "Període de temps per a l'expiració de les entrades de la memòria cau (en " +#~ "segons)" + +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Restringeix o prefereix una família específica d'adreces quan es realitzi " +#~ "la recerca del DNS" + +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Quant de temps s'han de mantenir les entrades en la memòria cau després " +#~ "de l'últim inici de sessió reeixit (en dies)" + +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "" +#~ "Temps d'expiració per a les respostes del DNS en la resolució dels " +#~ "servidors (en segons)" + +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "La part del domini de la consulta DNS del descobriment del servei" + +#~ msgid "Override GID value from the identity provider with this value" +#~ msgstr "" +#~ "Substitueix el valor del GID del proveïdor d'identitat amb aquest valor" + +#~ msgid "Treat usernames as case sensitive" +#~ msgstr "Distingeix entre majúscules i minúscules als noms d'usuari" + +#~ msgid "How often should expired entries be refreshed in background" +#~ msgstr "" +#~ "Amb quina freqüència les entrades vençudes s'actualitzen al rerefons" + +#~ msgid "Whether to automatically update the client's DNS entry" +#~ msgstr "Si s'actualitza automàticament l'entrada DNS del client" + +#~ msgid "The TTL to apply to the client's DNS entry after updating it" +#~ msgstr "" +#~ "El TTL per aplicar a l'entrada DNS del client després d'actualitzar-ho" + +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "" +#~ "La interfície amb la IP que s'hauria d'utilitzar per a les " +#~ "actualitzacions dinàmiques DNS" + +#~ msgid "How often to periodically update the client's DNS entry" +#~ msgstr "Cada quant s'actualitzarà automàticament l'entrada DNS del client" + +#~ msgid "Whether the provider should explicitly update the PTR record as well" +#~ msgstr "Si el proveïdor ha d'actualitzar explícitament així el registre PTR" + +#~ msgid "Whether the nsupdate utility should default to using TCP" +#~ msgstr "Si la utilitat nsupdate per defecte ha d'utilitzar TCP" + +#~ msgid "What kind of authentication should be used to perform the DNS update" +#~ msgstr "" +#~ "Quin tipus d'autenticació s'ha d'utilitzar per realitzar l'actualització " +#~ "del DNS" + +#~ msgid "Control enumeration of trusted domains" +#~ msgstr "Control de l'enumeració dels amfitrions de confiança" + +#~ msgid "How often should subdomains list be refreshed" +#~ msgstr "Amb quina freqüència s'ha de refrescar la llista dels subdominis" + +#~ msgid "List of options that should be inherited into a subdomain" +#~ msgstr "Llista de les opcions que han de ser inherents a un subdomini" + +#~ msgid "IPA domain" +#~ msgstr "Domini IPA" + +#~ msgid "IPA server address" +#~ msgstr "Adreça del servidor IPA" + +#~ msgid "Address of backup IPA server" +#~ msgstr "Adreça del servidor IPA de reserva " + +#~ msgid "IPA client hostname" +#~ msgstr "Nom d'amfitrió del client IPA" + +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "Si s'actualitza automàticament l'entrada DNS del client a FreeIPA" + +#~ msgid "Search base for HBAC related objects" +#~ msgstr "Base de cerca per als objectes relacionats amb HBAC" + +#~ msgid "" +#~ "The amount of time between lookups of the HBAC rules against the IPA " +#~ "server" +#~ msgstr "" +#~ "Quantitat de temps entre recerques de les regles HBAC contra el servidor " +#~ "IPA" + +#~ msgid "" +#~ "The amount of time in seconds between lookups of the SELinux maps against " +#~ "the IPA server" +#~ msgstr "" +#~ "Quantitat de temps en segons entre recerques de les assignacions SELinux " +#~ "contra el servidor IPA" + +#~ msgid "If set to false, host argument given by PAM will be ignored" +#~ msgstr "" +#~ "Si s'estableix a fals, s'ignorarà l'argument de l'amfitrió proporcionat " +#~ "amb PAM" + +#~ msgid "The automounter location this IPA client is using" +#~ msgstr "" +#~ "La ubicació de l'eina de muntatge automàtic que aquest client IPA està " +#~ "utilitzant" + +#~ msgid "Search base for object containing info about IPA domain" +#~ msgstr "" +#~ "Base de cerca per a l'objecte que conté la informació sobre el domini de " +#~ "l'IPA" + +#~ msgid "Search base for objects containing info about ID ranges" +#~ msgstr "" +#~ "Base de cerca per als objectes que contenen informació sobre els " +#~ "intervals d'id." + +#~ msgid "Enable DNS sites - location based service discovery" +#~ msgstr "" +#~ "Habilita els llocs DNS - el descobriment del servei es basa en la ubicació" + +#~ msgid "Search base for view containers" +#~ msgstr "Base de cerca per als contenidors de la vista" + +#~ msgid "Objectclass for view containers" +#~ msgstr "Objectclass per als contenidors de la vista" + +#~ msgid "Attribute with the name of the view" +#~ msgstr "L'atribut amb el nom de la vista" + +#~ msgid "Objectclass for override objects" +#~ msgstr "Objectclass per substituir els objectes" + +#~ msgid "Attribute with the reference to the original object" +#~ msgstr "L'atribut amb la referència a l'objecte original" + +#~ msgid "Objectclass for user override objects" +#~ msgstr "Objectclass per als objectes de substitució d'usuari" + +#~ msgid "Objectclass for group override objects" +#~ msgstr "Objectclass per als objectes de substitució de grup" + +#~ msgid "Active Directory domain" +#~ msgstr "Domini Active Directory" + +#~ msgid "Active Directory server address" +#~ msgstr "Adreça del servidor de l'Active Directory" + +#~ msgid "Active Directory backup server address" +#~ msgstr "Adreça del servidor de l'Active Directory de reserva" + +#~ msgid "Active Directory client hostname" +#~ msgstr "Nom d'amfitrió del client d'Active Directory" + +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "Filtre LDAP per determinar els privilegis d'accés" + +#~ msgid "Whether to use the Global Catalog for lookups" +#~ msgstr "Si s'utilitza el catàleg global per a les recerques" + +#~ msgid "Operation mode for GPO-based access control" +#~ msgstr "Mode d'operació per al control d'accés basat en GPO" + +#~ msgid "" +#~ "The amount of time between lookups of the GPO policy files against the AD " +#~ "server" +#~ msgstr "" +#~ "Quantitat de temps entre recerques de fitxers de polítiques GPO contra el " +#~ "servidor d'AD" + +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " +#~ "(Deny)InteractiveLogonRight del GPO" + +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " +#~ "policy settings" +#~ msgstr "" +#~ "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " +#~ "(Deny)RemoteInteractiveLogonRight del GPO" + +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)NetworkLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " +#~ "(Deny)NetworkLogonRight del GPO" + +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)BatchLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " +#~ "(Deny)BatchLogonRight del GPO" + +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)ServiceLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " +#~ "(Deny)ServiceLogonRight del GPO" + +#~ msgid "PAM service names for which GPO-based access is always granted" +#~ msgstr "" +#~ "Noms dels serveis del PAM als quals sempre se'ls garanteix l'accés basat " +#~ "en GPO" + +#~ msgid "PAM service names for which GPO-based access is always denied" +#~ msgstr "" +#~ "Noms dels serveis del PAM als quals sempre se'ls denega l'accés basat en " +#~ "GPO" + +#~ msgid "" +#~ "Default logon right (or permit/deny) to use for unmapped PAM service names" +#~ msgstr "" +#~ "Dret (permet o denega) predeterminat de l'inici de sessió a utilitzar per " +#~ "als noms dels serveis del PAM sense assignar" + +#~ msgid "a particular site to be used by the client" +#~ msgstr "un lloc determinat per utilitzar amb el client" + +#~ msgid "Kerberos server address" +#~ msgstr "Adreça del servidor Kerberos" + +#~ msgid "Kerberos backup server address" +#~ msgstr "Adreça del servidor Kerberos de reserva" + +#~ msgid "Kerberos realm" +#~ msgstr "Reialme Kerberos" + +#~ msgid "Authentication timeout" +#~ msgstr "Temps d'expiració de l'autenticació" + +#~ msgid "Whether to create kdcinfo files" +#~ msgstr "Si es creen els fitxers kdcinfo" + +#~ msgid "Where to drop krb5 config snippets" +#~ msgstr "Si es rebutgen les parts de la configuració del krb5" + +#~ msgid "Directory to store credential caches" +#~ msgstr "Directori per emmagatzemar la memòria cau de les credencials" + +#~ msgid "Location of the user's credential cache" +#~ msgstr "Ubicació de la memòria cau de les credencials de l'usuari" + +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Ubicació de la clau per validar les credencials" + +#~ msgid "Enable credential validation" +#~ msgstr "Habilita la validació de credencials" + +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "" +#~ "Emmagatzema la contrasenya si s'està desconnectat per a l'autenticació " +#~ "posterior amb connexió" + +#~ msgid "Renewable lifetime of the TGT" +#~ msgstr "Temps de vida renovable del TGT" + +#~ msgid "Lifetime of the TGT" +#~ msgstr "Temps de vida del TGT" + +#~ msgid "Time between two checks for renewal" +#~ msgstr "Temps entre les dues comprovacions per a la renovació" + +#~ msgid "Enables FAST" +#~ msgstr "Habilita FAST" + +#~ msgid "Selects the principal to use for FAST" +#~ msgstr "Selecciona el principal per utilitzar amb FAST" + +#~ msgid "Enables principal canonicalization" +#~ msgstr "Habilita la canonització del principal" + +#~ msgid "Enables enterprise principals" +#~ msgstr "Habilita els principals empresarials" + +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "" +#~ "Servidor on es troba el servei de canvi de contrasenya si no està al KDC" + +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, L'URI del servidor LDAP" + +#~ msgid "ldap_backup_uri, The URI of the LDAP server" +#~ msgstr "ldap_backup_uri, L'URI del servidor LDAP" + +#~ msgid "The default base DN" +#~ msgstr "El DN base per defecte" + +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "El tipus d'esquema en ús al servidor LDAP, rfc2307" + +#~ msgid "The default bind DN" +#~ msgstr "El DN de creació del vincle per defecte" + +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "" +#~ "El tipus del testimoni d'autenticació del DN de creació del vincle per " +#~ "defecte" + +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "" +#~ "El testimoni d'autenticació del DN de creació del vincle per defecte" + +#~ msgid "Length of time to attempt connection" +#~ msgstr "Període de temps per intentar una connexió" + +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Període de temps per intentar operacions LDAP asíncrones" + +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "" +#~ "Període de temps entre els intents per tornar a connectar mentre s'està " +#~ "desconnectat" + +#~ msgid "Use only the upper case for realm names" +#~ msgstr "Utilitza només majúscules pels noms de reialme" + +#~ msgid "File that contains CA certificates" +#~ msgstr "Fitxer que conté els certificats de l'AC" + +#~ msgid "Path to CA certificate directory" +#~ msgstr "Camí al directori del certificat de l'AC" + +#~ msgid "File that contains the client certificate" +#~ msgstr "Fitxer que conté el certificat de client" + +#~ msgid "File that contains the client key" +#~ msgstr "Fitxer que conté la clau de client" + +#~ msgid "List of possible ciphers suites" +#~ msgstr "Llista de paquets de xifrat possibles" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "Requereix verificació de certificat TLS" + +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Especifica el mecanisme SASL a utilitzar" + +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Especifica l'id. d'autorització SASL a utilitzar" + +#~ msgid "Specify the sasl authorization realm to use" +#~ msgstr "Especifica el reialme d'autorització SASL a utilitzar" + +#~ msgid "Specify the minimal SSF for LDAP sasl authorization" +#~ msgstr "Especifica el SSF mínim per a l'autorització SASL de LDAP" + +#~ msgid "Kerberos service keytab" +#~ msgstr "Taula de claus del servei del Kerberos" + +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Utilitza l'autenticació Kerberos per a la connexió LDAP" + +#~ msgid "Follow LDAP referrals" +#~ msgstr "Segueix les referències LDAP" + +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "Temps de vida del TGT per la connexió LDAP" + +#~ msgid "How to dereference aliases" +#~ msgstr "Com desreferenciar els àlies" + +#~ msgid "Service name for DNS service lookups" +#~ msgstr "Nom del servei per a la recerca del servei del DNS" + +#~ msgid "The number of records to retrieve in a single LDAP query" +#~ msgstr "El nombre de registres a recuperar en una sola consulta LDAP" + +#~ msgid "The number of members that must be missing to trigger a full deref" +#~ msgstr "" +#~ "El nombre de membres que han de faltar per activar una de-referència " +#~ "completa" + +#~ msgid "" +#~ "Whether the LDAP library should perform a reverse lookup to canonicalize " +#~ "the host name during a SASL bind" +#~ msgstr "" +#~ "Si la biblioteca LDAP hauria de realitzar una recerca inversa per " +#~ "canonitzar el nom d'amfitrió durant la creació del vincle SASL" + +#~ msgid "entryUSN attribute" +#~ msgstr "L'atribut entryUSN" + +#~ msgid "lastUSN attribute" +#~ msgstr "L'atribut lastUSN" + +#~ msgid "" +#~ "How long to retain a connection to the LDAP server before disconnecting" +#~ msgstr "" +#~ "Quant de temps s'ha de retenir una connexió al servidor LDAP abans de " +#~ "desconnectar" + +#~ msgid "Disable the LDAP paging control" +#~ msgstr "Inhabilita el control de paginació LDAP" + +#~ msgid "Disable Active Directory range retrieval" +#~ msgstr "Inhabilita la recuperació de l'interval de l'Active Directory" + +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Període de temps per esperar una petició de cerca" + +#~ msgid "Length of time to wait for a enumeration request" +#~ msgstr "Període de temps per esperar una petició d'enumeració" + +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Període de temps entre les actualitzacions de les enumeracions" + +#~ msgid "Length of time between cache cleanups" +#~ msgstr "Període de temps entre les neteges de la memòria cau" + +#~ msgid "Require TLS for ID lookups" +#~ msgstr "Requereix TLS per a la recerca d'id." + +#~ msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#~ msgstr "" +#~ "Utilitza l'assignació dels id. de l'objectSID en lloc dels id. pre-" +#~ "establerts" + +#~ msgid "Base DN for user lookups" +#~ msgstr "DN base per a la recerca de l'usuari" + +#~ msgid "Scope of user lookups" +#~ msgstr "Abast de la recerca de l'usuari" + +#~ msgid "Filter for user lookups" +#~ msgstr "Filtre per a la recerca de l'usuari" + +#~ msgid "Objectclass for users" +#~ msgstr "Objectclass per als usuaris" + +#~ msgid "Username attribute" +#~ msgstr "L'atribut nom d'usuari" + +#~ msgid "UID attribute" +#~ msgstr "L'atribut UID" + +#~ msgid "Primary GID attribute" +#~ msgstr "L'atribut GID primari" + +#~ msgid "GECOS attribute" +#~ msgstr "L'atribut GECOS" + +#~ msgid "Home directory attribute" +#~ msgstr "L'atribut directori inicial" + +#~ msgid "Shell attribute" +#~ msgstr "L'atribut shell" + +#~ msgid "UUID attribute" +#~ msgstr "L'atribut UUID" + +#~ msgid "objectSID attribute" +#~ msgstr "L'atribut objectSID" + +#~ msgid "Active Directory primary group attribute for ID-mapping" +#~ msgstr "" +#~ "L'atribut grup primari de l'Active Directory per a l'assignació d'id." + +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "L'atribut usuari principal (per a Kerberos)" + +#~ msgid "Full Name" +#~ msgstr "Nom complet" + +#~ msgid "memberOf attribute" +#~ msgstr "L'atribut memberOf" + +#~ msgid "Modification time attribute" +#~ msgstr "L'atribut data de modificació" + +#~ msgid "shadowLastChange attribute" +#~ msgstr "L'atribut shadowLastChange" + +#~ msgid "shadowMin attribute" +#~ msgstr "L'atribut shadowMin" + +#~ msgid "shadowMax attribute" +#~ msgstr "L'atribut shadowMax" + +#~ msgid "shadowWarning attribute" +#~ msgstr "L'atribut shadowWarning" + +#~ msgid "shadowInactive attribute" +#~ msgstr "L'atribut shadowInactive" + +#~ msgid "shadowExpire attribute" +#~ msgstr "L'atribut shadowExpire" + +#~ msgid "shadowFlag attribute" +#~ msgstr "L'atribut shadowFlag" + +#~ msgid "Attribute listing authorized PAM services" +#~ msgstr "L'atribut que llista els serveis PAM autoritzats" + +#~ msgid "Attribute listing authorized server hosts" +#~ msgstr "L'atribut que llista els amfitrions dels servidors autoritzats" + +#~ msgid "krbLastPwdChange attribute" +#~ msgstr "L'atribut krbLastPwdChange" + +#~ msgid "krbPasswordExpiration attribute" +#~ msgstr "L'atribut krbPasswordExpiration" + +#~ msgid "Attribute indicating that server side password policies are active" +#~ msgstr "" +#~ "L'atribut que indica l'activació de les polítiques de contrasenya de " +#~ "servidor" + +#~ msgid "accountExpires attribute of AD" +#~ msgstr "L'atribut accountExpires de l'AD" + +#~ msgid "userAccountControl attribute of AD" +#~ msgstr "L'atribut userAccountControl de l'AD" + +#~ msgid "nsAccountLock attribute" +#~ msgstr "L'atribut nsAccountLock" + +#~ msgid "loginDisabled attribute of NDS" +#~ msgstr "L'atribut loginDisabled del NDS" + +#~ msgid "loginExpirationTime attribute of NDS" +#~ msgstr "L'atribut loginExpirationTime del NDS" + +#~ msgid "loginAllowedTimeMap attribute of NDS" +#~ msgstr "L'atribut loginAllowedTimeMap del NDS" + +#~ msgid "SSH public key attribute" +#~ msgstr "L'atribut clau pública SSH" + +#~ msgid "attribute listing allowed authentication types for a user" +#~ msgstr "" +#~ "atribut que llista els tipus permesos d'autenticació per a un usuari" + +#~ msgid "attribute containing the X509 certificate of the user" +#~ msgstr "atribut que conté el certificat X509 de l'usuari" + +#~ msgid "A list of extra attributes to download along with the user entry" +#~ msgstr "" +#~ "Una llista dels atributs extres per baixar juntament amb l'entrada de " +#~ "l'usuari" + +#~ msgid "Base DN for group lookups" +#~ msgstr "DN base per a la recerca del grup" + +#~ msgid "Objectclass for groups" +#~ msgstr "L'objectclass per als grups" + +#~ msgid "Group name" +#~ msgstr "Nom del grup" + +#~ msgid "Group password" +#~ msgstr "Contrasenya del grup" + +#~ msgid "GID attribute" +#~ msgstr "L'atribut GID" + +#~ msgid "Group member attribute" +#~ msgstr "L'atribut membre del grup" + +#~ msgid "Group UUID attribute" +#~ msgstr "L'atribut UUID del grup" + +#~ msgid "Modification time attribute for groups" +#~ msgstr "L'atribut data de modificació per als grups" + +#~ msgid "Type of the group and other flags" +#~ msgstr "Tipus del grup i altres senyals" + +#~ msgid "Base DN for netgroup lookups" +#~ msgstr "DN base per a la recerca del grup de xarxa" + +#~ msgid "Objectclass for netgroups" +#~ msgstr "L'objectclass per als grups de xarxa" + +#~ msgid "Netgroup name" +#~ msgstr "Nom de grup de xarxa" + +#~ msgid "Netgroups members attribute" +#~ msgstr "L'atribut membres del grup de xarxa" + +#~ msgid "Netgroup triple attribute" +#~ msgstr "L'atribut triple del grup de xarxa" + +#~ msgid "Modification time attribute for netgroups" +#~ msgstr "L'atribut data de modificació per als grups de xarxa" + +#~ msgid "Base DN for service lookups" +#~ msgstr "DN base per a la recerca del servei" + +#~ msgid "Objectclass for services" +#~ msgstr "Objectclass per als serveis" + +#~ msgid "Service name attribute" +#~ msgstr "L'atribut nom del servei" + +#~ msgid "Service port attribute" +#~ msgstr "L'atribut port del servei" + +#~ msgid "Service protocol attribute" +#~ msgstr "L'atribut protocol del servei" + +#~ msgid "Lower bound for ID-mapping" +#~ msgstr "Límit inferior per a l'assignació d'id." + +#~ msgid "Upper bound for ID-mapping" +#~ msgstr "Límit superior per a l'assignació d'id." + +#~ msgid "Number of IDs for each slice when ID-mapping" +#~ msgstr "Nombres d'id. per cada porció en l'assignació d'id." + +#~ msgid "Use autorid-compatible algorithm for ID-mapping" +#~ msgstr "Utilitza l'algoritme compatible d'autorid per a l'assignació d'id." + +#~ msgid "Name of the default domain for ID-mapping" +#~ msgstr "Nom del domini per defecte per a l'assignació d'id." + +#~ msgid "SID of the default domain for ID-mapping" +#~ msgstr "SID del domini per defecte per a l'assignació d'id." + +#~ msgid "Whether to use Token-Groups" +#~ msgstr "Si s'utilitzen els grups amb testimonis" + +#~ msgid "Set lower boundary for allowed IDs from the LDAP server" +#~ msgstr "Estableix el límit inferior per als id. permesos del servidor LDAP" + +#~ msgid "Set upper boundary for allowed IDs from the LDAP server" +#~ msgstr "Estableix el límit superior per als id. permesos del servidor LDAP" + +#~ msgid "DN for ppolicy queries" +#~ msgstr "DN per a les consultes ppolicy" + +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Política per avaluar el venciment de la contrasenya" + +#~ msgid "Which attributes shall be used to evaluate if an account is expired" +#~ msgstr "" +#~ "Quins atributs s'haurien d'utilitzar per avaluar si el compte ha vençut" + +#~ msgid "Which rules should be used to evaluate access control" +#~ msgstr "Quines regles s'haurien d'utilitzar per avaluar el control d'accés" + +#~ msgid "URI of an LDAP server where password changes are allowed" +#~ msgstr "URI d'un servidor LDAP on es permeten els canvis de contrasenya" + +#~ msgid "URI of a backup LDAP server where password changes are allowed" +#~ msgstr "" +#~ "URI d'un servidor LDAP de reserva on es permeten els canvis de contrasenya" + +#~ msgid "DNS service name for LDAP password change server" +#~ msgstr "Nom del servei DNS pel servidor LDAP de canvi de contrasenyes" + +#~ msgid "" +#~ "Whether to update the ldap_user_shadow_last_change attribute after a " +#~ "password change" +#~ msgstr "" +#~ "Si s'actualitza l'atribut ldap_user_shadow_last_change després d'un canvi " +#~ "de contrasenya" + +#~ msgid "Base DN for sudo rules lookups" +#~ msgstr "DN base per a la recerca de les regles sudo" + +#~ msgid "Automatic full refresh period" +#~ msgstr "Període d'actualització automàtica completa" + +#~ msgid "Automatic smart refresh period" +#~ msgstr "Període d'actualització automàtica intel·ligent" + +#~ msgid "Whether to filter rules by hostname, IP addresses and network" +#~ msgstr "Si es filtren les regles per nom d'amfitrió, adreça IP i xarxa" + +#~ msgid "" +#~ "Hostnames and/or fully qualified domain names of this machine to filter " +#~ "sudo rules" +#~ msgstr "" +#~ "Noms d'amfitrió i/o noms de domini plenament qualificat d'aquesta màquina " +#~ "per filtrar les regles de sudo" + +#~ msgid "" +#~ "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +#~ msgstr "" +#~ "Adreces IPv4 o IPv6 o xarxa d'aquesta màquina per filtrar regles de sudo" + +#~ msgid "Whether to include rules that contains netgroup in host attribute" +#~ msgstr "" +#~ "Si s'inclouen les regles que contenen el grup de xarxa a l'atribut de " +#~ "l'amfitrió" + +#~ msgid "" +#~ "Whether to include rules that contains regular expression in host " +#~ "attribute" +#~ msgstr "" +#~ "Si s'inclouen les regles que contenen expressions regulars a l'atribut de " +#~ "l'amfitrió" + +#~ msgid "Object class for sudo rules" +#~ msgstr "Objectclass de les regles sudo" + +#~ msgid "Sudo rule name" +#~ msgstr "Nom de la regla sudo" + +#~ msgid "Sudo rule command attribute" +#~ msgstr "Attribut command de la regla sudo" + +#~ msgid "Sudo rule host attribute" +#~ msgstr "L'atribut host de la regla sudo" + +#~ msgid "Sudo rule user attribute" +#~ msgstr "L'atribut user de la regla sudo" + +#~ msgid "Sudo rule option attribute" +#~ msgstr "L'atribut option de la regla sudo" + +#~ msgid "Sudo rule runas attribute" +#~ msgstr "L'atribut runas de la regla sudo" + +#~ msgid "Sudo rule runasuser attribute" +#~ msgstr "L'atribut runasuser de la regla sudo" + +#~ msgid "Sudo rule runasgroup attribute" +#~ msgstr "L'atribut runasgroup de la regla sudo" + +#~ msgid "Sudo rule notbefore attribute" +#~ msgstr "L'atribut notbefore de la regla sudo" + +#~ msgid "Sudo rule notafter attribute" +#~ msgstr "L'atribut notafter de la regla sudo" + +#~ msgid "Sudo rule order attribute" +#~ msgstr "L'atribut order de la regla sudo" + +#~ msgid "Object class for automounter maps" +#~ msgstr "Objectclass per a les assignacions de l'eina de muntatge automàtic" + +#~ msgid "Automounter map name attribute" +#~ msgstr "L'atribut nom de l'assignació de l'eina de muntatge automàtic" + +#~ msgid "Object class for automounter map entries" +#~ msgstr "" +#~ "Objectclass per a les entrades de les assignacions de l'eina de muntatge " +#~ "automàtic" + +#~ msgid "Automounter map entry key attribute" +#~ msgstr "" +#~ "L'atribut clau d'entrada de l'assignació de l'eina de muntatge automàtic" + +#~ msgid "Automounter map entry value attribute" +#~ msgstr "" +#~ "L'atribut valor de l'entrada de l'assignació l'eina de muntatge automàtic" + +#~ msgid "Base DN for automounter map lookups" +#~ msgstr "" +#~ "DN base per a la recerca de l'assignació de l'eina de muntatge automàtic" + +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Llista separada per comes dels usuaris autoritzats" + +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Llista separada per comes dels usuaris no autoritzats" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "El shell predeterminat, /bin/bash" + +#~ msgid "Base for home directories" +#~ msgstr "Base per als directoris inicials" + +#~ msgid "The name of the NSS library to use" +#~ msgstr "El nom de la biblioteca NSS a utilitzar" + +#~ msgid "Whether to look up canonical group name from cache if possible" +#~ msgstr "" +#~ "Si se cerca el nom del grup canònic des de la memòria cau, si és possible" + +#~ msgid "PAM stack to use" +#~ msgstr "Pila PAM a utilitzar" diff --git a/po/cs.po b/po/cs.po index 218312af04..8fc9fcabda 100644 --- a/po/cs.po +++ b/po/cs.po @@ -5,7 +5,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-09-12 02:51+0200\n" +"POT-Creation-Date: 2019-11-30 22:24+0100\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" @@ -76,12 +76,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Časový limit pro zprávy posílané přes SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "Regex to parse username and domain" msgstr "Regulární výraz pro zpracování uživatelského jména a domény" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:200 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Formát kompatibilní s printf pro zobrazování úplných názvů" @@ -320,55 +320,65 @@ msgstr "" msgid "Path to storage of trusted CA certificates" msgstr "Popis umístění úložiště certifikátů důvěryhodných cert. autorit" -#: src/config/SSSDConfig/__init__.py.in:124 +#: src/config/SSSDConfig/__init__.py.in:122 +msgid "Allow to generate ssh-keys from certificates" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:123 +msgid "" +"Use the following matching rules to filter the certificates for ssh-key " +"generation" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" "Seznam UID nebo uživatelských jmen, kterým je umožněn přístup k PAC " "odpovídači" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "How long the PAC data is considered valid" msgstr "Po jak dlouho jsou PAC data považována za platná" -#: src/config/SSSDConfig/__init__.py.in:128 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" "Seznam UID identifikátorů nebo uživatelských jmen, kterým je umožněn přístup " "k InfoPipe odpovídači" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "Seznam atributů uživatele, které InfoPipe bude moci zveřejnit" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The provider where the secrets will be stored in" msgstr "Poskytovatel, ve kterém budou tajemství ukládána" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:135 msgid "The maximum allowed number of nested containers" msgstr "Nejvyšší umožněný počet vnořených kontejnerů" -#: src/config/SSSDConfig/__init__.py.in:134 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The maximum number of secrets that can be stored" msgstr "Nejvyšší umožněný počet tajemství, která mohou být uložena" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The maximum number of secrets that can be stored per UID" msgstr "Maximální počet tajemství, která je možné uložit pro jednotlivá UID" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "The maximum payload size of a secret in kilobytes" msgstr "Nejvyšší umožněná velikost nákladu tajemství (v kilobajtech)" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "The URL Custodia server is listening on" msgstr "URL adresa na které Custodia server očekává spojení" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "The method to use when authenticating to a Custodia server" msgstr "Metoda kterou použít při ověřování se vůči Custodia serveru" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" @@ -376,18 +386,18 @@ msgstr "" "Název hlaviček které budou přidány do HTTP požadavku s hodnotou definovanou " "v auth_header_value" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "The value sssd-secrets would use for auth_header_name" msgstr "Hodnota kterou by sssd-secrets použilo pro auth_header_name" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" "Seznam hlaviček které přeposlat Custodia serveru společně s požadavkem" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "" "The username to use when authenticating to a Custodia server using " "basic_auth" @@ -395,21 +405,21 @@ msgstr "" "Uživatelské jméno které použít při ověřování se vůči Custodia serveru pomocí " "basic_auth" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "" "The password to use when authenticating to a Custodia server using " "basic_auth" msgstr "" "Heslo které použít při ověřování se vůči Custodia serveru pomocí basic_auth" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "" "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" "Pokud je zapnuto, certifikát protějšku je ověřen pokud proxy_url používá " "https protokol" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" @@ -417,112 +427,112 @@ msgstr "" "Pokud není nastaveno, certifikát protějšku může obsahovat rozdílný název " "stroje než proxy_url když je použit https protokol" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:149 msgid "Path to directory where certificate authority certificates are stored" msgstr "" "Popis umístění složky ve které jsou uchovávány certifikáty cert. autority" -#: src/config/SSSDConfig/__init__.py.in:148 +#: src/config/SSSDConfig/__init__.py.in:150 msgid "Path to file containing server's CA certificate" msgstr "" "Popis umístění souboru obsahujícího certifikát certif. autority serveru" -#: src/config/SSSDConfig/__init__.py.in:149 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Path to file containing client's certificate" msgstr "Popis umístění souboru obsahujícího klientský certifikát" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Path to file containing client's private key" msgstr "Popis umístění souboru obsahujícího soukromý klíč klienta" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "Identity provider" msgstr "Poskytovatel identity" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Authentication provider" msgstr "Poskytovatel ověřování" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Access control provider" msgstr "Poskytovatel řízení přístupu" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "Password change provider" msgstr "Poskytovatel změny hesel" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "SUDO provider" msgstr "Poskytovatel SUDO" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:160 msgid "Autofs provider" msgstr "Poskytovatel autofs" -#: src/config/SSSDConfig/__init__.py.in:159 +#: src/config/SSSDConfig/__init__.py.in:161 msgid "Host identity provider" msgstr "Poskytovatel identity strojů" -#: src/config/SSSDConfig/__init__.py.in:160 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "SELinux provider" msgstr "Poskytovatel SELinux" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Session management provider" msgstr "Poskytovatel správy sezení" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Whether the domain is usable by the OS or by applications" msgstr "Zda je doména použitelná pro operační systém nebo aplikace" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Minimum user ID" msgstr "Nejnižší identif. uživatele" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Maximum user ID" msgstr "Nejvyšší identif. uživatele" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Enable enumerating all users/groups" msgstr "Zapnout vyčíslování všech uživatelů/skupin" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:170 msgid "Cache credentials for offline login" msgstr "" "Ukládat přihlašovací údaje do mezipaměti pro přihlašování se bez připojení" -#: src/config/SSSDConfig/__init__.py.in:169 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "Display users/groups in fully-qualified form" msgstr "Zobrazovat uživatele/skupiny v úplné podobě" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "Don't include group members in group lookups" msgstr "Nezahrnovat členy skupiny do hledání skupiny" -#: src/config/SSSDConfig/__init__.py.in:171 -#: src/config/SSSDConfig/__init__.py.in:180 -#: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:173 #: src/config/SSSDConfig/__init__.py.in:182 #: src/config/SSSDConfig/__init__.py.in:183 #: src/config/SSSDConfig/__init__.py.in:184 #: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "Entry cache timeout length (seconds)" msgstr "Délka časového limitu položky (v sekundách)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" "Omezit nebo upřednostnit konkrétní generaci adres při provádění DNS hledání" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Jak dlouho si ponechávat položky v mezipaměti po posledním úspěšném " "přihlášení (dny)" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "" "How long should SSSD talk to single DNS server before trying next server " "(miliseconds)" @@ -530,184 +540,184 @@ msgstr "" "Jak dlouho se má SSSD pokoušet komunikovat s jedním DNS serverem, než " "vyzkouší další server (v milisekundách)" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:177 msgid "How long should keep trying to resolve single DNS query (seconds)" msgstr "Jak dlouho se pokoušet přeložit jeden DNS dotaz (sekundy)" -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:178 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "Jak dlouho čekat na odpovědi z DNS při překládání serverů (sekundy)" -#: src/config/SSSDConfig/__init__.py.in:177 +#: src/config/SSSDConfig/__init__.py.in:179 msgid "The domain part of service discovery DNS query" msgstr "Doménová část DNS dotazu pro objevování služby" -#: src/config/SSSDConfig/__init__.py.in:178 +#: src/config/SSSDConfig/__init__.py.in:180 msgid "Override GID value from the identity provider with this value" msgstr "Přebít hodnotu GID z poskytovatele identit touto hodnotou" -#: src/config/SSSDConfig/__init__.py.in:179 +#: src/config/SSSDConfig/__init__.py.in:181 msgid "Treat usernames as case sensitive" msgstr "U uživatelských jmen rozlišovat velká a malá písmena" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "How often should expired entries be refreshed in background" msgstr "" "Jak často mají být položky, kterým skončila platnost, na pozadí obnovovány" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether to automatically update the client's DNS entry" msgstr "Zda automaticky aktualizovat DNS položku klienta" -#: src/config/SSSDConfig/__init__.py.in:188 -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "TTL které uplatnit na DNS položku klienta po její aktualizaci" -#: src/config/SSSDConfig/__init__.py.in:189 -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "Rozhraní, kterého IP adresu použít pro dynamickou aktualizaci DNS" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "How often to periodically update the client's DNS entry" msgstr "Jak často pravidelně aktualizovat DNS záznam klienta" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" "Zda má poskytovatel výslovně aktualizovat také záznam pro zpětný překlad " "(PTR)" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "Whether the nsupdate utility should default to using TCP" msgstr "Zda má nástroj nsupdate jako výchozí používat protokol TCP" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "What kind of authentication should be used to perform the DNS update" msgstr "Jaký druh ověřování by měl být použit při provádění aktualizace DNS" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "Override the DNS server used to perform the DNS update" msgstr "Přepsat DNS server použité pro provedení DNS aktualizace" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Control enumeration of trusted domains" msgstr "Řídí vyčíslování důvěryhodných domén" -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "How often should subdomains list be refreshed" msgstr "Jak často má být znovu načítán seznam dílčích domén" -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "List of options that should be inherited into a subdomain" msgstr "Seznam voleb které by měly být převzaté do dílčí domény" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:200 msgid "Default subdomain homedir value" msgstr "Výchozí hodnota homedir dílčí domény" -#: src/config/SSSDConfig/__init__.py.in:199 +#: src/config/SSSDConfig/__init__.py.in:201 msgid "How long can cached credentials be used for cached authentication" msgstr "" "Po jak dlouho mohou být přihlašovací údaje, uložené v mezipaměti, pro " "ověřování" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Whether to automatically create private groups for users" msgstr "Zda uživatelům automaticky vytvářet soukromé skupiny" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "IPA domain" msgstr "IPA doména" -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "IPA server address" msgstr "Adresa IPA serveru" -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Address of backup IPA server" msgstr "Adresa záložního IPA serveru" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "IPA client hostname" msgstr "Název stroje klienta IPA" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Zda automaticky aktualizovat DNS položku klienta ve FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for HBAC related objects" msgstr "Základ hledání pro objekty, související s HBAC" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "Množství času mezi vyhledáváními HBAC pravidel vůči IPA serveru" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" "Množství času (v sekundách) mezi vyhledáváními SELinux map vůči IPA serveru" -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "If set to false, host argument given by PAM will be ignored" msgstr "Pokud je vypnuto, argument stroje daný PAM bude ignorován" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "The automounter location this IPA client is using" msgstr "Umístění automounter, které tento IPA klient používá" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Search base for object containing info about IPA domain" msgstr "Základ hledání pro objekt obsahující informace o IPA doméně" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Search base for objects containing info about ID ranges" msgstr "" "Základ hledání pro objekty obsahující informace o rozsazích identifikátorů" -#: src/config/SSSDConfig/__init__.py.in:219 -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "Enable DNS sites - location based service discovery" msgstr "Zapnout DNS sites – na umístění založené objevování služby" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Search base for view containers" msgstr "Základ hledání pro zobrazení kontejnerů" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for view containers" msgstr "Objektová třída pro zobrazení kontejnerů" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Attribute with the name of the view" msgstr "Atribut obsahující název pohledu" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "Objectclass for override objects" msgstr "Objektová třída pro přepsání objektů" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "Attribute with the reference to the original object" msgstr "Atribut obsahující odkaz na původní objekt" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:227 msgid "Objectclass for user override objects" msgstr "Objektová třída pro uživatelské přepsání objektů" -#: src/config/SSSDConfig/__init__.py.in:226 +#: src/config/SSSDConfig/__init__.py.in:228 msgid "Objectclass for group override objects" msgstr "Objektová třída pro objekty přepsání skupiny" -#: src/config/SSSDConfig/__init__.py.in:227 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Search base for Desktop Profile related objects" msgstr "Základ hledání pro objekty související s desktopovým profilem" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" @@ -715,7 +725,7 @@ msgstr "" "Doba (v sekundách) mezi hledáními pravidel desktopového projektu vůči IPA " "serveru" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" @@ -723,46 +733,46 @@ msgstr "" "Množství času (v minutách) mezi vyhledáními pravidel desktopových profilů " "vůči IPA serveru když poslední požadavek nenašel žádné pravidlo" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Active Directory domain" msgstr "Doména Active Directory" -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Enabled Active Directory domains" msgstr "Zapnout domény Active Directory" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Active Directory server address" msgstr "Adresa serveru s Active Directory" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Active Directory backup server address" msgstr "Adresa záložního serveru s Active Directory" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "Active Directory client hostname" msgstr "Název stroje klienta Active Directory" -#: src/config/SSSDConfig/__init__.py.in:238 -#: src/config/SSSDConfig/__init__.py.in:423 +#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:425 msgid "LDAP filter to determine access privileges" msgstr "LDAP filtr pro zjišťování přístupových oprávnění" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "Whether to use the Global Catalog for lookups" msgstr "Zda pro hledání používat globální katalog" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "Operation mode for GPO-based access control" msgstr "Režim fungování pro řízení přístupu založené na GPO objektech" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "Množství času mezi vyhledáními souborů GPO zásad vůči AD serveru" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -770,7 +780,7 @@ msgstr "" "Názvy PAM služby, která mapuje na (Deny)InteractiveLogonRight nastavení " "zásady" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -778,264 +788,264 @@ msgstr "" "Názvy PAM služby, která mapuje GPO (Deny)RemoteInteractiveLogonRight " "nastavení zásady" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy " "settings" msgstr "" "Názvy PAM služby, která mapuje GPO (Deny)NetworkLogonRight nastavení zásady" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "PNázvy PAM služby, která mapuje GPO (Deny)BatchLogonRight nastavení zásady" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy " "settings" msgstr "" "Názvy PAM služby, která mapuje GPO (Deny)ServiceLogonRight nastavení zásady" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "PAM service names for which GPO-based access is always granted" msgstr "" "Názvy PAM služby, pro které je přístup založený na GPO objektech vždy udělen" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:250 msgid "PAM service names for which GPO-based access is always denied" msgstr "" "Názvy PAM služby, pro které je přístup založený na GPO objektech vždy " "odepřen" -#: src/config/SSSDConfig/__init__.py.in:249 +#: src/config/SSSDConfig/__init__.py.in:251 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Výchozí přihlasovací oprávnění (nebo permit/deny), které použít pro názvy " "nenamapovaných PAM služeb" -#: src/config/SSSDConfig/__init__.py.in:250 +#: src/config/SSSDConfig/__init__.py.in:252 msgid "a particular site to be used by the client" msgstr "konkrétní místo kterou použít klientem" -#: src/config/SSSDConfig/__init__.py.in:251 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" "Nejvyšší umožněné stáří (ve dnech) než by mělo být obnoveno heslo účtu " "stroje" -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Option for tuning the machine account renewal task" msgstr "Volba pro vyladění úlohy obnovování účtu stroje" -#: src/config/SSSDConfig/__init__.py.in:255 -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Kerberos server address" msgstr "Adresa kerberos serveru" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:259 msgid "Kerberos backup server address" msgstr "Adresa záložního kerberos serveru" -#: src/config/SSSDConfig/__init__.py.in:258 +#: src/config/SSSDConfig/__init__.py.in:260 msgid "Kerberos realm" msgstr "Kerberos oblast" -#: src/config/SSSDConfig/__init__.py.in:259 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Authentication timeout" msgstr "Časový limit ověřování" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Whether to create kdcinfo files" msgstr "Zda vytvářet kdcinfo souborů" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Where to drop krb5 config snippets" msgstr "Kam odkládat útržky nastavení krb5" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Directory to store credential caches" msgstr "Složka ve které ukládat mezipaměť přihlašovacích údajů" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Location of the user's credential cache" msgstr "Umístění mezipaměti přihlašovacích údajů uživatele" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Location of the keytab to validate credentials" msgstr "" "Umístění uložených přihlašovacích údajů pro ověřování ověřovacích údajů" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enable credential validation" msgstr "Zapnout ověřování přihlašovacích údajů" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Store password if offline for later online authentication" msgstr "Ukládat heslo pokud bez připojení pro pozdější ověření při připojení" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Renewable lifetime of the TGT" msgstr "Obnovovatelná životnost TGT lístku" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Lifetime of the TGT" msgstr "Životnost TGT lístku" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "Time between two checks for renewal" msgstr "Doba mezi dvěma kontrolami pro obnovu" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:274 msgid "Enables FAST" msgstr "Zapíná FAST" -#: src/config/SSSDConfig/__init__.py.in:273 +#: src/config/SSSDConfig/__init__.py.in:275 msgid "Selects the principal to use for FAST" msgstr "Vybírá principal pro použití pro FAST" -#: src/config/SSSDConfig/__init__.py.in:274 +#: src/config/SSSDConfig/__init__.py.in:276 msgid "Enables principal canonicalization" msgstr "Zapíná kanonizaci principalu" -#: src/config/SSSDConfig/__init__.py.in:275 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Enables enterprise principals" msgstr "Zapíná podnikové principaly" -#: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:278 msgid "A mapping from user names to Kerberos principal names" msgstr "Mapování z uživatelských jmen na názvy kerberos principal" -#: src/config/SSSDConfig/__init__.py.in:279 -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Server na kterém je spuštěná služba pro změnu hesla, pokud to není KDC" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI adresa LDAP serveru" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, URI adresa LDAP serveru" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The default base DN" msgstr "Výchozí základ rozlišeného názvu" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Typ schématu používaný na LDAP serveru, dle normy rfc2307" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Mode used to change user password" msgstr "Režim použitý pro změnu hesla uživatele" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "The default bind DN" msgstr "Výchozí spojovací rozlišený název" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "The type of the authentication token of the default bind DN" msgstr "Typ ověřovacího tokenu výchozího spojovacího rozlišeného názvu" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "The authentication token of the default bind DN" msgstr "ověřovací token výchozího spojovacího rozlišeného názvu" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Length of time to attempt connection" msgstr "Doba po kterou se pokoušet o připojení" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Doba po kterou se pokoušet o synchronní LDAP operace" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "Length of time between attempts to reconnect while offline" msgstr "Doba mezi pokusy o opětovné připojení když bez připojení" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "Use only the upper case for realm names" msgstr "Pro názvy oblastí (realm) používat pouze velká písmena" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "File that contains CA certificates" msgstr "Soubor obsahující certifikáty cert. autorit" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Path to CA certificate directory" msgstr "Popis umístění složky s certifikáty cert. autority" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "File that contains the client certificate" msgstr "Soubor obsahující klientský certifikát" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "File that contains the client key" msgstr "Soubor který obsahuje klientský klíč" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "List of possible ciphers suites" msgstr "Seznam možných šifrovacích algoritmů" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Require TLS certificate verification" msgstr "Vyžadovat ověření TSL certifikátem" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Specify the sasl mechanism to use" msgstr "Určete sasl mechanizmus, který použít" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Specify the sasl authorization id to use" msgstr "Zadejte identifikátor sasl ověřování které použít" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Specify the sasl authorization realm to use" msgstr "Zadejte oblast (realm) sasl ověřování kterou použít" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Zadejte minimální SSF pro LDAP sasl ověřování" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Kerberos service keytab" msgstr "Uložené přihlašovací údaje (keytab) služby kerberos" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "Use Kerberos auth for LDAP connection" msgstr "Použít pro LDAP spojení kerberos" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "Follow LDAP referrals" msgstr "Následovat LDAP odkazy" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "Lifetime of TGT for LDAP connection" msgstr "Životnost TGT lístku pro LDAP spojení" -#: src/config/SSSDConfig/__init__.py.in:309 +#: src/config/SSSDConfig/__init__.py.in:311 msgid "How to dereference aliases" msgstr "Jak rušit odkazování alternativních jmen" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "Service name for DNS service lookups" msgstr "Název služby pro hledání služby pomocí DNS" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "The number of records to retrieve in a single LDAP query" msgstr "Počet záznamů které získávat v rámci jediného LDAP dotazu" -#: src/config/SSSDConfig/__init__.py.in:312 +#: src/config/SSSDConfig/__init__.py.in:314 msgid "The number of members that must be missing to trigger a full deref" msgstr "Počet členů který je třeba aby chyběli, aby bylo spuštěno plné deref" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1043,403 +1053,403 @@ msgstr "" "Zda LDAP knihovna má provádět zpětný překlad pro kanonizaci názvu stroje při " "SASL spojení" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "entryUSN attribute" msgstr "atribut entryUSN" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "lastUSN attribute" msgstr "atribut lastUSN" -#: src/config/SSSDConfig/__init__.py.in:318 +#: src/config/SSSDConfig/__init__.py.in:320 msgid "" "How long to retain a connection to the LDAP server before disconnecting" msgstr "Jak dlouho ponechat spojení s LDAP serverem před odpojením" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Disable the LDAP paging control" msgstr "Vypnut řízení LDAP stránkování" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Disable Active Directory range retrieval" msgstr "Vypnout získávání rozsahu Active Directory" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Length of time to wait for a search request" msgstr "Délka času po kterou čekat na požadavek hledání" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Length of time to wait for a enumeration request" msgstr "Délka času po kterou čekat na požadavek vyčíslení" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Length of time between enumeration updates" msgstr "Délka času po kterou čekat na aktualizace vyčíslení" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Length of time between cache cleanups" msgstr "Délka času po kterou čekat mezi vyčištěními mezipaměti" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Require TLS for ID lookups" msgstr "Vyžadovat pro vyhledání identifikátorů TLS šifrování" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Použít mapování identifikátorů objectSID namísto přednastavených " "identifikátorů" -#: src/config/SSSDConfig/__init__.py.in:330 +#: src/config/SSSDConfig/__init__.py.in:332 msgid "Base DN for user lookups" msgstr "Základ rozliš. názvu pro vyhledávání uživatelů" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "Scope of user lookups" msgstr "Rozsah vyhledávání uživatelů" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Filter for user lookups" msgstr "Filtr pro vyhledávání uživatelů" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "Objectclass for users" msgstr "Objektová třída pro uživatele" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Username attribute" msgstr "Atribut uživatelské jméno" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UID attribute" msgstr "atribut UID" -#: src/config/SSSDConfig/__init__.py.in:337 +#: src/config/SSSDConfig/__init__.py.in:339 msgid "Primary GID attribute" msgstr "atribut hlavní GID" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "GECOS attribute" msgstr "atribut GECOS" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "Home directory attribute" msgstr "Atribut domovská složka" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Shell attribute" msgstr "Atribut shell" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "UUID attribute" msgstr "Atribut obsahující UUID" -#: src/config/SSSDConfig/__init__.py.in:342 -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "objectSID attribute" msgstr "Atribut obsahující objectSID" -#: src/config/SSSDConfig/__init__.py.in:343 +#: src/config/SSSDConfig/__init__.py.in:345 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Hlavní atribut skupiny z Active Directory pro mapování identifikátoru" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "User principal attribute (for Kerberos)" msgstr "Atribut obsahující principal uživatele (pro kerberos)" # auto translated by TM merge from project: Cockpit, version: rhel-7.4, DocId: cockpit -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "Full Name" msgstr "Celé jméno" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "memberOf attribute" msgstr "atribut memberOf (členem)" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "Modification time attribute" msgstr "atribut okamžik změny" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowLastChange attribute" msgstr "atribut obsahující shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowMin attribute" msgstr "atribut shadowMin" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "shadowMax attribute" msgstr "atribut shadowMax" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "shadowWarning attribute" msgstr "atribut shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "shadowInactive attribute" msgstr "atribut shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "shadowExpire attribute" msgstr "atribut shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "shadowFlag attribute" msgstr "atribut shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute listing authorized PAM services" msgstr "Atribut vypisující pověřené PAM služby" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "Attribute listing authorized server hosts" msgstr "Atribut vypisující hostitele – pověřené servery" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "Attribute listing authorized server rhosts" msgstr "Atribut vypisující vzdálené hostitele – pověřené servery" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "krbLastPwdChange attribute" msgstr "atribut krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "krbPasswordExpiration attribute" msgstr "atribut krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "Attribute indicating that server side password policies are active" msgstr "Atribut indikující že zásady ohledně hesel na straně serveru" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "accountExpires attribute of AD" msgstr "AD atribut accountExpires (platnost účtu končí)" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "userAccountControl attribute of AD" msgstr "AD atribut userAccountControl" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "nsAccountLock attribute" msgstr "atribut nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "loginDisabled attribute of NDS" msgstr "NDS atribut loginDisabled" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "loginExpirationTime attribute of NDS" msgstr "NDS atribut loginExpirationTime" -#: src/config/SSSDConfig/__init__.py.in:367 +#: src/config/SSSDConfig/__init__.py.in:369 msgid "loginAllowedTimeMap attribute of NDS" msgstr "NDS atribut loginAllowedTimeMap" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "SSH public key attribute" msgstr "Atribut veřejná část ssh klíče" -#: src/config/SSSDConfig/__init__.py.in:369 +#: src/config/SSSDConfig/__init__.py.in:371 msgid "attribute listing allowed authentication types for a user" msgstr "atribut vypisující typy umožněných ověřování pro uživatele" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "attribute containing the X509 certificate of the user" msgstr "atribut obsahující X509 certifikát uživatele" -#: src/config/SSSDConfig/__init__.py.in:371 +#: src/config/SSSDConfig/__init__.py.in:373 msgid "attribute containing the email address of the user" msgstr "atribut obsahující e-mailovou adresu uživatele" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "A list of extra attributes to download along with the user entry" msgstr "Seznam dalších atributů, které stáhnout společně s položkou uživatele" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Base DN for group lookups" msgstr "Základ rozliš. názvu pro vyhledávání skupin" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Objectclass for groups" msgstr "Objektová třída pro skupiny" -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "Group name" msgstr "Název skupiny" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Group password" msgstr "Heslo skupiny" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "GID attribute" msgstr "Atribut GID" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "Group member attribute" msgstr "Atribut člen skupin" -#: src/config/SSSDConfig/__init__.py.in:383 +#: src/config/SSSDConfig/__init__.py.in:385 msgid "Group UUID attribute" msgstr "atribut UUID skupiny" -#: src/config/SSSDConfig/__init__.py.in:385 +#: src/config/SSSDConfig/__init__.py.in:387 msgid "Modification time attribute for groups" msgstr "Atribut okamžik úpravy pro skupiny" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Type of the group and other flags" msgstr "Typ skupiny a ostatní příznaky" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "The LDAP group external member attribute" msgstr "Atribut externí člen LDAP skupiny" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Maximum nesting level SSSD will follow" msgstr "Do kolikáté úrovně vnoření bude SSSD následovat" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Base DN for netgroup lookups" msgstr "Základ rozlišeného názvu pro vyhledávání negroup" -#: src/config/SSSDConfig/__init__.py.in:392 +#: src/config/SSSDConfig/__init__.py.in:394 msgid "Objectclass for netgroups" msgstr "Objektová třída pro netgroup" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Netgroup name" msgstr "Negroup název" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Netgroups members attribute" msgstr "Atribut členové negroup" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Netgroup triple attribute" msgstr "Atribut trojitý netgroup" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Modification time attribute for netgroups" msgstr "Atribut okamžik změny pro netgroup" -#: src/config/SSSDConfig/__init__.py.in:398 +#: src/config/SSSDConfig/__init__.py.in:400 msgid "Base DN for service lookups" msgstr "Základ rozliš. názvu pro hledání služeb" -#: src/config/SSSDConfig/__init__.py.in:399 +#: src/config/SSSDConfig/__init__.py.in:401 msgid "Objectclass for services" msgstr "Objektová třída pro služby" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Service name attribute" msgstr "Atribut název služby" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Service port attribute" msgstr "Atribut port služby" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Service protocol attribute" msgstr "Atribut protokol služby" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "Lower bound for ID-mapping" msgstr "Spodní spojení pro mapování identifikátorů" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Upper bound for ID-mapping" msgstr "Horní spojení pro mapování identifikátorů" -#: src/config/SSSDConfig/__init__.py.in:407 +#: src/config/SSSDConfig/__init__.py.in:409 msgid "Number of IDs for each slice when ID-mapping" msgstr "Počet identifikátorů pro každý plátek při mapování identifikátorů" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Použít pro mapování identifikátorů algoritmus kompatibilní s autorid" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Name of the default domain for ID-mapping" msgstr "Název výchozí domény pro mapování identifikátorů" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "SID of the default domain for ID-mapping" msgstr "SID výchozí domény pro mapování identifikátorů" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Number of secondary slices" msgstr "Počet sekundárních plátků" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "Whether to use Token-Groups" msgstr "Zda používat skupiny tokenu" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Nastavit spodní hranici pro umožněné identifikátory z LDAP serveru" -#: src/config/SSSDConfig/__init__.py.in:415 +#: src/config/SSSDConfig/__init__.py.in:417 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Nastavit horní hranici pro umožněné identifikátory z LDAP serveru" -#: src/config/SSSDConfig/__init__.py.in:416 +#: src/config/SSSDConfig/__init__.py.in:418 msgid "DN for ppolicy queries" msgstr "Rozlišený název pro ppolicy dotazy" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "How many maximum entries to fetch during a wildcard request" msgstr "Kolik nejvýše položek získat při požadavku se zástupnými znaky" -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "Policy to evaluate the password expiration" msgstr "Pravidlo pro vyhodnocení skončení platnosti hesla" -#: src/config/SSSDConfig/__init__.py.in:424 +#: src/config/SSSDConfig/__init__.py.in:426 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Jaké atributy mají být použity pro vyhodnocování zda platnost účtu skončila" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "Which rules should be used to evaluate access control" msgstr "Která pravidla by měla být použita pro vyhodnocení řízení přístupu" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI adresa LDAP serveru na kterém je dovoleno provádět změny hesel" -#: src/config/SSSDConfig/__init__.py.in:429 +#: src/config/SSSDConfig/__init__.py.in:431 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "URI záložního LDAP serveru, na kterém je možné měnit hesla" -#: src/config/SSSDConfig/__init__.py.in:430 +#: src/config/SSSDConfig/__init__.py.in:432 msgid "DNS service name for LDAP password change server" msgstr "Název DNS služby pro LDAP server změny hesel" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "Zda aktualizovat atribut ldap_user_shadow_last_change po změně hesla" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Base DN for sudo rules lookups" msgstr "Základ rozliš. názvu pro vyhledávání sudo pravidel" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "Automatic full refresh period" msgstr "Perioda automatického úplného znovunačtení" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "Automatic smart refresh period" msgstr "Perioda chytrého automatického znovunačtení" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Zda filtrovat pravidla podle názvů strojů, IP adres a sítě" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1447,221 +1457,225 @@ msgstr "" "Názvy strojů a/nebo úplné doménové názvy tohoto stroje pro filtrování sudo " "pravidel" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4 nebo IPv6 adresy nebo sítě tohoto stroje pro filtrování sudo pravidel" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Zda zahrnout pravidla která obsahují v atributu stroj síťovou skupinu " "(netgroup)" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Zda zahrnout pravidla, která obsahují v atributu stroj regulární výraz" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Object class for sudo rules" msgstr "Objektová třída pro sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 +msgid "Name of attribute that is used as object class for sudo rules" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule name" msgstr "Název sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule command attribute" msgstr "Atribut příkaz sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule host attribute" msgstr "Atribut stroj sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule user attribute" msgstr "Atribut uživatel sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule option attribute" msgstr "Atribut volba sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule runas attribute" msgstr "Atribut runas (spustit jako) sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule runasuser attribute" msgstr "Atribut runasuser (spusť jako uživatel) sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:453 msgid "Sudo rule runasgroup attribute" msgstr "Atribut runasgroup (spusť jako skupina) sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:451 +#: src/config/SSSDConfig/__init__.py.in:454 msgid "Sudo rule notbefore attribute" msgstr "Atribut notbefore (ne před) sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:452 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Sudo rule notafter attribute" msgstr "Atribut notafter (ne po) sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Sudo rule order attribute" msgstr "Atribut order (pořadí) sudo pravidla" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Object class for automounter maps" msgstr "Objektová třída pro mapy automounter" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Automounter map name attribute" msgstr "Atribut automounter název mapy" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:461 msgid "Object class for automounter map entries" msgstr "Objektová třída pro položky mapy automounteru" -#: src/config/SSSDConfig/__init__.py.in:459 +#: src/config/SSSDConfig/__init__.py.in:462 msgid "Automounter map entry key attribute" msgstr "Atribut klíč položky mapy automounteru" -#: src/config/SSSDConfig/__init__.py.in:460 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Automounter map entry value attribute" msgstr "Atribut hodnoty položky mapy automounter" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Base DN for automounter map lookups" msgstr "Základ rozlišeného názvu pro vyhledávání map automounter" -#: src/config/SSSDConfig/__init__.py.in:464 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Comma separated list of allowed users" msgstr "Čárkou oddělovaný seznam uživatelů, kterým je umožněn přístup" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Comma separated list of prohibited users" msgstr "Čárkou oddělovaný seznam uživatelů, kterým je odepřen přístup" -#: src/config/SSSDConfig/__init__.py.in:468 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "Default shell, /bin/bash" msgstr "Výchozí shell, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:472 msgid "Base for home directories" msgstr "Základ pro domovské složky" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "The number of preforked proxy children." msgstr "Počet předrozvětvených dílčích procesů proxy." -#: src/config/SSSDConfig/__init__.py.in:475 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "The name of the NSS library to use" msgstr "Název NSS knihovny, kterou použít" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:479 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Zda vyhledávat kanonický název skupiny z mezipaměti, pokud je to možné" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "PAM stack to use" msgstr "PAM vrstvy, které použít" -#: src/config/SSSDConfig/__init__.py.in:482 +#: src/config/SSSDConfig/__init__.py.in:485 msgid "Path of passwd file sources." msgstr "Popis umístění souborových zdrojů passwd" -#: src/config/SSSDConfig/__init__.py.in:483 +#: src/config/SSSDConfig/__init__.py.in:486 msgid "Path of group file sources." msgstr "Popis umístění souborových zdrojů group" -#: src/monitor/monitor.c:2332 +#: src/monitor/monitor.c:2355 msgid "Become a daemon (default)" msgstr "Přejít v proces služby (výchozí)" -#: src/monitor/monitor.c:2334 +#: src/monitor/monitor.c:2357 msgid "Run interactive (not a daemon)" msgstr "Spustit interaktivně (ne jako proces služby)" -#: src/monitor/monitor.c:2337 +#: src/monitor/monitor.c:2360 msgid "Disable netlink interface" msgstr "Vypnout netlink rozhraní" -#: src/monitor/monitor.c:2339 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Zadat nevýchozí soubor s nastaveními" -#: src/monitor/monitor.c:2341 +#: src/monitor/monitor.c:2364 msgid "Refresh the configuration database, then exit" msgstr "Znovu načíst databázi s nastaveními, pak skončit" -#: src/monitor/monitor.c:2344 +#: src/monitor/monitor.c:2367 msgid "Similar to --genconf, but only refreshes the given section" msgstr "Podobné s --genconf, ale znovu načte pouze danou sekci" -#: src/monitor/monitor.c:2347 +#: src/monitor/monitor.c:2370 msgid "Print version number and exit" msgstr "Vypsat " -#: src/monitor/monitor.c:2491 +#: src/monitor/monitor.c:2514 msgid "SSSD is already running\n" msgstr "SSSD už je spuštěné" -#: src/providers/krb5/krb5_child.c:3232 src/providers/ldap/ldap_child.c:605 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 msgid "Debug level" msgstr "Úroveň podrobností ladících zpráv" -#: src/providers/krb5/krb5_child.c:3234 src/providers/ldap/ldap_child.c:607 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 msgid "Add debug timestamps" msgstr "Přidat do ladících informací časové značky" -#: src/providers/krb5/krb5_child.c:3236 src/providers/ldap/ldap_child.c:609 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 msgid "Show timestamps with microseconds" msgstr "Zobrazovat časové značky s mikrosekundami" -#: src/providers/krb5/krb5_child.c:3238 src/providers/ldap/ldap_child.c:611 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 msgid "An open file descriptor for the debug logs" msgstr "Otevřený popisovač souboru pro záznam ladících informací" -#: src/providers/krb5/krb5_child.c:3241 src/providers/ldap/ldap_child.c:613 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 msgid "Send the debug output to stderr directly." msgstr "Poslat ladící výstup přímo na standardní chybový výstup." -#: src/providers/krb5/krb5_child.c:3244 +#: src/providers/krb5/krb5_child.c:3245 msgid "The user to create FAST ccache as" msgstr "Uživatel pod kterým vytvořit FAST ccache" -#: src/providers/krb5/krb5_child.c:3246 +#: src/providers/krb5/krb5_child.c:3247 msgid "The group to create FAST ccache as" msgstr "Skupina pod kterou vytvořit FAST ccache" -#: src/providers/krb5/krb5_child.c:3248 +#: src/providers/krb5/krb5_child.c:3249 msgid "Kerberos realm to use" msgstr "Kerberos oblast (realm) kterou použít" -#: src/providers/krb5/krb5_child.c:3250 +#: src/providers/krb5/krb5_child.c:3251 msgid "Requested lifetime of the ticket" msgstr "Požadovaná životnost lístku" -#: src/providers/krb5/krb5_child.c:3252 +#: src/providers/krb5/krb5_child.c:3253 msgid "Requested renewable lifetime of the ticket" msgstr "Požadovaná obnovitelná životnosti lístku" -#: src/providers/krb5/krb5_child.c:3254 +#: src/providers/krb5/krb5_child.c:3255 msgid "FAST options ('never', 'try', 'demand')" msgstr "FAST volby („never“, „try“, „demand“)" -#: src/providers/krb5/krb5_child.c:3257 +#: src/providers/krb5/krb5_child.c:3258 msgid "Specifies the server principal to use for FAST" msgstr "Určuje principal serveru které použít pro FAST" -#: src/providers/krb5/krb5_child.c:3259 +#: src/providers/krb5/krb5_child.c:3260 msgid "Requests canonicalization of the principal name" msgstr "Požaduje kanonizaci názvu principalu" -#: src/providers/krb5/krb5_child.c:3261 +#: src/providers/krb5/krb5_child.c:3262 msgid "Use custom version of krb5_get_init_creds_password" msgstr "Použít uživatelsky určenou verzi krb5_get_init_creds_password" @@ -1669,149 +1683,149 @@ msgstr "Použít uživatelsky určenou verzi krb5_get_init_creds_password" msgid "Domain of the information provider (mandatory)" msgstr "Doména poskytovatele informace (povinné)" -#: src/sss_client/common.c:1084 +#: src/sss_client/common.c:1079 msgid "Privileged socket has wrong ownership or permissions." msgstr "Privilegovaný soket má nesprávné vlastnictví nebo oprávnění." -#: src/sss_client/common.c:1087 +#: src/sss_client/common.c:1082 msgid "Public socket has wrong ownership or permissions." msgstr "Veřejný soket má chybné vlastnictví nebo oprávnění." -#: src/sss_client/common.c:1090 +#: src/sss_client/common.c:1085 msgid "Unexpected format of the server credential message." msgstr "Neočekávaný formát zprávy o pověřeních serveru." -#: src/sss_client/common.c:1093 +#: src/sss_client/common.c:1088 msgid "SSSD is not run by root." msgstr "SSSD není spouštěno správcem." -#: src/sss_client/common.c:1096 +#: src/sss_client/common.c:1091 msgid "SSSD socket does not exist." msgstr "SSSD soket neexistuje." -#: src/sss_client/common.c:1099 +#: src/sss_client/common.c:1094 msgid "Cannot get stat of SSSD socket." msgstr "Nedaří se získat stav SSSD soketu." -#: src/sss_client/common.c:1104 +#: src/sss_client/common.c:1099 msgid "An error occurred, but no description can be found." msgstr "Došlo k chybě, ale nedaří se najít popis." -#: src/sss_client/common.c:1110 +#: src/sss_client/common.c:1105 msgid "Unexpected error while looking for an error description" msgstr "Neočekávaná chyba při hledání popisu chyby" -#: src/sss_client/pam_sss.c:67 +#: src/sss_client/pam_sss.c:68 msgid "Permission denied. " msgstr "Přístup odepřen." -#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:778 -#: src/sss_client/pam_sss.c:789 +#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 +#: src/sss_client/pam_sss.c:790 msgid "Server message: " msgstr "Zpráva ze serveru:" # auto translated by TM merge from project: FreeIPA, version: ipa-4-5, DocId: po/ipa -#: src/sss_client/pam_sss.c:296 +#: src/sss_client/pam_sss.c:297 msgid "Passwords do not match" msgstr "Zadání hesla se neshodují" -#: src/sss_client/pam_sss.c:484 +#: src/sss_client/pam_sss.c:485 msgid "Password reset by root is not supported." msgstr "Reset hesla správcem není podporován." -#: src/sss_client/pam_sss.c:525 +#: src/sss_client/pam_sss.c:526 msgid "Authenticated with cached credentials" msgstr "Přihlášeni přihlašovacími údaji z mezipaměti" -#: src/sss_client/pam_sss.c:526 +#: src/sss_client/pam_sss.c:527 msgid ", your cached password will expire at: " msgstr ", platnost mezipaměti skončí v:" -#: src/sss_client/pam_sss.c:556 +#: src/sss_client/pam_sss.c:557 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "Platnost vašeho hesla skončila. Zbývá vám %1$d přihlášení." -#: src/sss_client/pam_sss.c:602 +#: src/sss_client/pam_sss.c:603 #, c-format msgid "Your password will expire in %1$d %2$s." msgstr "Platnost vašeho hesla skončí v %1$d %2$s." -#: src/sss_client/pam_sss.c:651 +#: src/sss_client/pam_sss.c:652 msgid "Authentication is denied until: " msgstr "Ověření odepřeno do:" -#: src/sss_client/pam_sss.c:672 +#: src/sss_client/pam_sss.c:673 msgid "System is offline, password change not possible" msgstr "Systém není dostupný, změna hesla není možná" -#: src/sss_client/pam_sss.c:687 +#: src/sss_client/pam_sss.c:688 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" "Po změně OTP hesla, je třeba se odhlásit/přihlásit aby byl získán lístek" -#: src/sss_client/pam_sss.c:775 src/sss_client/pam_sss.c:788 +#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 msgid "Password change failed. " msgstr "Změna hesla se nezdařila." -#: src/sss_client/pam_sss.c:1989 +#: src/sss_client/pam_sss.c:2008 msgid "New Password: " msgstr "Nové heslo:" -#: src/sss_client/pam_sss.c:1990 +#: src/sss_client/pam_sss.c:2009 msgid "Reenter new Password: " msgstr "Zopakování nového hesla:" -#: src/sss_client/pam_sss.c:2152 src/sss_client/pam_sss.c:2155 +#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 msgid "First Factor: " msgstr "Hlavní faktor:" -#: src/sss_client/pam_sss.c:2153 src/sss_client/pam_sss.c:2324 +#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 msgid "Second Factor (optional): " msgstr "Druhý faktor (volitelné):" -#: src/sss_client/pam_sss.c:2156 src/sss_client/pam_sss.c:2327 +#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 msgid "Second Factor: " msgstr "Druhý faktor:" # auto translated by TM merge from project: anaconda, version: f25, DocId: main -#: src/sss_client/pam_sss.c:2171 +#: src/sss_client/pam_sss.c:2190 msgid "Password: " msgstr "Heslo: " -#: src/sss_client/pam_sss.c:2323 src/sss_client/pam_sss.c:2326 +#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 msgid "First Factor (Current Password): " msgstr "Hlavní faktor (stávající heslo):" -#: src/sss_client/pam_sss.c:2330 +#: src/sss_client/pam_sss.c:2349 msgid "Current Password: " msgstr "Stávající heslo:" -#: src/sss_client/pam_sss.c:2685 +#: src/sss_client/pam_sss.c:2704 msgid "Password expired. Change your password now." msgstr "Platnost hesla skončila. Změňte si ho." #: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:204 src/tools/sss_useradd.c:48 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 -#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:704 +#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 +#: src/tools/sss_cache.c:719 msgid "The debug level to run with" msgstr "Úroveň ladících informací, se kterou spustit" #: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:208 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 msgid "The SSSD domain to use" msgstr "SSSD doména, kterou použít" #: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 -#: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:750 +#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 +#: src/tools/sss_cache.c:765 msgid "Error setting the locale\n" msgstr "Chyba při nastavování místního a jazykového nastavení\n" @@ -1827,27 +1841,27 @@ msgstr "Uživatel nezadán\n" msgid "Error looking up public keys\n" msgstr "Chyba při hledání veřejných klíčů\n" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:206 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 msgid "The port to use to connect to the host" msgstr "Port který použít pro připojení se k hostiteli" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:210 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 msgid "Print the host ssh public keys" msgstr "Vypsat veřejné ssh klíče stroje" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:252 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 msgid "Invalid port\n" msgstr "Neplatný port\n" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:257 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 msgid "Host not specified\n" msgstr "Stroj neurčen\n" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:263 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 msgid "The path to the proxy command must be absolute\n" msgstr "Je třeba, aby popis umístění příkazu proxy byl úplný\n" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:342 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 #, c-format msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" msgstr "sss_ssh_knownhostsproxy: Nedaří se přeložit název stroje %s\n" @@ -1900,21 +1914,21 @@ msgstr "Zadejte uživatele kterého přidat\n" #: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 #: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 -#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:198 +#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 #: src/tools/sss_usermod.c:162 msgid "Error initializing the tools - no local domain\n" msgstr "Chyba při inicializaci nástrojů – žádná místní doména\n" #: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 #: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 -#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:200 +#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 #: src/tools/sss_usermod.c:164 msgid "Error initializing the tools\n" msgstr "Chyba při inicializaci nástrojů\n" #: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 #: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 -#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:209 +#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 #: src/tools/sss_usermod.c:173 msgid "Invalid domain specified in FQDN\n" msgstr "V FQDN zadána neplatná doména\n" @@ -1935,7 +1949,7 @@ msgstr "Je třeba, aby skupiny byly ve stejné doméně, jako uživatel\n" msgid "Cannot find group %1$s in local domain\n" msgstr "Skupinu %1$s se nedaří nalézt v místní doméně\n" -#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:219 +#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 msgid "Cannot set default values\n" msgstr "Nedaří se nastavit výchozí hodnoty\n" @@ -2017,7 +2031,7 @@ msgstr "Identifikátor skupiny %1$s se nachází mimo určený rozsah pro domén #: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 #: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 -#: src/tools/sss_userdel.c:295 src/tools/sss_usermod.c:282 +#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 #: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 #, c-format msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" @@ -2092,15 +2106,15 @@ msgstr "Skupinu se nedaří upravit – zkontrolujte, že je její název správ msgid "Transaction error. Could not modify group.\n" msgstr "Chyba transakce. Skupinu se nedaří změnit.\n" +#: src/tools/sss_groupshow.c:616 +msgid "Magic Private " +msgstr "Magické soukromé" + #: src/tools/sss_groupshow.c:615 #, c-format msgid "%1$s%2$sGroup: %3$s\n" msgstr "%1$s%2$sskupina: %3$s\n" -#: src/tools/sss_groupshow.c:616 -msgid "Magic Private " -msgstr "Magické soukromé" - #: src/tools/sss_groupshow.c:618 #, c-format msgid "%1$sGID number: %2$d\n" @@ -2145,72 +2159,72 @@ msgstr "" msgid "Internal error. Could not print group.\n" msgstr "Vnitřní chyby. Skupinu se nedaří vypsat.\n" -#: src/tools/sss_userdel.c:136 +#: src/tools/sss_userdel.c:138 msgid "Remove home directory and mail spool" msgstr "Odebrat domovskou složku a e-mailovou schránku" -#: src/tools/sss_userdel.c:138 +#: src/tools/sss_userdel.c:140 msgid "Do not remove home directory and mail spool" msgstr "Neodebrat domovskou složku a e-mailovou schránku" -#: src/tools/sss_userdel.c:140 +#: src/tools/sss_userdel.c:142 msgid "Force removal of files not owned by the user" msgstr "Vynutit odebrání souborů, nevlastněných uživatelem" -#: src/tools/sss_userdel.c:142 +#: src/tools/sss_userdel.c:144 msgid "Kill users' processes before removing him" msgstr "" "Před jeho odebráním, vynutit ukončení všech procesů, spuštěných jak uživatel" -#: src/tools/sss_userdel.c:188 +#: src/tools/sss_userdel.c:190 msgid "Specify user to delete\n" msgstr "Zadejte uživatele, kterého smazat\n" -#: src/tools/sss_userdel.c:234 +#: src/tools/sss_userdel.c:236 #, c-format msgid "User %1$s is outside the defined ID range for domain\n" msgstr "" "Uživatel %1$s se nachází mimo určený rozsah idenfifikátorů pro doménu\n" -#: src/tools/sss_userdel.c:259 +#: src/tools/sss_userdel.c:261 msgid "Cannot reset SELinux login context\n" msgstr "Nedaří se resetovat SELinux přihlašovací kontext\n" -#: src/tools/sss_userdel.c:271 +#: src/tools/sss_userdel.c:273 #, c-format msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" msgstr "VAROVÁNÍ: uživatel (uid %1$lu) byl při mazání stále přihlášen.\n" -#: src/tools/sss_userdel.c:276 +#: src/tools/sss_userdel.c:278 msgid "Cannot determine if the user was logged in on this platform" msgstr "Nedaří se zjistit zda uživatel byl přihlášen na této platformě." -#: src/tools/sss_userdel.c:281 +#: src/tools/sss_userdel.c:283 msgid "Error while checking if the user was logged in\n" msgstr "Chyba při zjišťování zda byl uživatel přihlášen\n" -#: src/tools/sss_userdel.c:288 +#: src/tools/sss_userdel.c:290 #, c-format msgid "The post-delete command failed: %1$s\n" msgstr "Příkaz po smazání se nezdařil: %1$s\n" -#: src/tools/sss_userdel.c:308 +#: src/tools/sss_userdel.c:310 msgid "Not removing home dir - not owned by user\n" msgstr "Neodebírá se domovská složka – nevlastněno uživatelem\n" -#: src/tools/sss_userdel.c:310 +#: src/tools/sss_userdel.c:312 #, c-format msgid "Cannot remove homedir: %1$s\n" msgstr "Nedaří se odebrat domovskou složku: %1$s\n" -#: src/tools/sss_userdel.c:324 +#: src/tools/sss_userdel.c:326 msgid "" "No such user in local domain. Removing users only allowed in local domain.\n" msgstr "" "V místní doméně žádný takový uživatel neexistuje. Odebírání uživatelů je " "dovoleno pouze v místní doméně.\n" -#: src/tools/sss_userdel.c:329 +#: src/tools/sss_userdel.c:331 msgid "Internal error. Could not remove user.\n" msgstr "Vnitřní chyba. Uživatele se nedaří odebrat.\n" @@ -2293,71 +2307,71 @@ msgstr "Nedaří se zneplatnit %1$s\n" msgid "Couldn't invalidate %1$s %2$s\n" msgstr "Nedaří se zneplatnit %1$s %2$s\n" -#: src/tools/sss_cache.c:706 +#: src/tools/sss_cache.c:721 msgid "Invalidate all cached entries" msgstr "Zneplatnit veškeré položky v mezipaměti" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:723 msgid "Invalidate particular user" msgstr "Zneplatnit konkrétního uživatele" -#: src/tools/sss_cache.c:710 +#: src/tools/sss_cache.c:725 msgid "Invalidate all users" msgstr "Zneplatnit všechny uživatele" -#: src/tools/sss_cache.c:712 +#: src/tools/sss_cache.c:727 msgid "Invalidate particular group" msgstr "Zneplatnit konkrétní skupinu" -#: src/tools/sss_cache.c:714 +#: src/tools/sss_cache.c:729 msgid "Invalidate all groups" msgstr "Zneplatnit všechny skupiny" -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:731 msgid "Invalidate particular netgroup" msgstr "Zneplatnit konkrétní síťovou skupinu" -#: src/tools/sss_cache.c:718 +#: src/tools/sss_cache.c:733 msgid "Invalidate all netgroups" msgstr "Zneplatnit veškeré síťové skupiny" -#: src/tools/sss_cache.c:720 +#: src/tools/sss_cache.c:735 msgid "Invalidate particular service" msgstr "Zneplatnit konkrétní službu" -#: src/tools/sss_cache.c:722 +#: src/tools/sss_cache.c:737 msgid "Invalidate all services" msgstr "Zneplatnit všechny služby" -#: src/tools/sss_cache.c:725 +#: src/tools/sss_cache.c:740 msgid "Invalidate particular autofs map" msgstr "Zneplatnit konkrétní autofs mapu" -#: src/tools/sss_cache.c:727 +#: src/tools/sss_cache.c:742 msgid "Invalidate all autofs maps" msgstr "Zneplatnit veškeré autofs mapy" -#: src/tools/sss_cache.c:731 +#: src/tools/sss_cache.c:746 msgid "Invalidate particular SSH host" msgstr "Zneplatnit konkrétního SSH hostitele" -#: src/tools/sss_cache.c:733 +#: src/tools/sss_cache.c:748 msgid "Invalidate all SSH hosts" msgstr "Zneplatnit veškeré SSH hostitele" -#: src/tools/sss_cache.c:737 +#: src/tools/sss_cache.c:752 msgid "Invalidate particular sudo rule" msgstr "Zneplatnit konkrétní sudo pravidlo" -#: src/tools/sss_cache.c:739 +#: src/tools/sss_cache.c:754 msgid "Invalidate all cached sudo rules" msgstr "Zneplatnit veškerá sudo pravidla v mezipaměti" -#: src/tools/sss_cache.c:742 +#: src/tools/sss_cache.c:757 msgid "Only invalidate entries from a particular domain" msgstr "Zneplatnit pouze položky z konkrétní domény" -#: src/tools/sss_cache.c:796 +#: src/tools/sss_cache.c:811 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" @@ -2365,11 +2379,11 @@ msgstr "" "Poskytnuty neočekávané argumenty, volby které zneplatňují jediný objekt " "přijímají pouze jediný zadaný argument.\n" -#: src/tools/sss_cache.c:806 +#: src/tools/sss_cache.c:821 msgid "Please select at least one object to invalidate\n" msgstr "Vyberte alespoň jeden objekt, který zneplatnit\n" -#: src/tools/sss_cache.c:889 +#: src/tools/sss_cache.c:904 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2378,7 +2392,7 @@ msgstr "" "Nedaří se otevřít doménu %1$s. Pokud je domény dílčí doménou (důvěryhodná " "doména), použijte úplný název namísto parametru --domain/-d." -#: src/tools/sss_cache.c:894 +#: src/tools/sss_cache.c:909 msgid "Could not open available domains\n" msgstr "Nedaří se otevřít které domény jsou k dispozici\n" @@ -2415,7 +2429,6 @@ msgid "Invalid result." msgstr "Neplatný výsledek." #: src/tools/sssctl/sssctl.c:78 -#, c-format msgid "Unable to read user input\n" msgstr "Nedaří se číst vstup od uživatele\n" @@ -2425,7 +2438,6 @@ msgid "Invalid input, please provide either '%s' or '%s'.\n" msgstr "Neplatný vstup, zadejte buď „%s“ nebo „%s“.\n" #: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 -#, c-format msgid "Error while executing external command\n" msgstr "Chyba při vykonávání externího příkazu\n" @@ -2502,37 +2514,56 @@ msgstr "Okamžik skončení platnosti initgroups" msgid "Search by group ID" msgstr "Hledat podle identif. skupiny" -#: src/tools/sssctl/sssctl_config.c:67 +#: src/tools/sssctl/sssctl_config.c:70 #, c-format -msgid "" -"File %1$s does not exist. SSSD will use default configuration with files " -"provider.\n" +msgid "Failed to open %s\n" msgstr "" -"Soubor %1$s neexistuje. SSSD použije výchozí nastavení s poskytovatelem " -"files (soubory).\n" -#: src/tools/sssctl/sssctl_config.c:81 +#: src/tools/sssctl/sssctl_config.c:75 #, c-format +msgid "File %1$s does not exist.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:79 msgid "" "File ownership and permissions check failed. Expected root:root and 0600.\n" msgstr "" "Kontrola vlastnictví a oprávnění souboru se nezdařila. Očekáváno root:root a " "0600.\n" -#: src/tools/sssctl/sssctl_config.c:104 +#: src/tools/sssctl/sssctl_config.c:85 +#, c-format +msgid "Failed to load configuration configuration from %s.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:91 +msgid "Error while reading configuration directory.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:99 +msgid "" +"There is no configuration. SSSD will use default configuration with files " +"provider.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:111 +msgid "Failed to run validators" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:115 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "Problémy identifikované ověřovači: %zu\n" -#: src/tools/sssctl/sssctl_config.c:114 +#: src/tools/sssctl/sssctl_config.c:126 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "Zprávy vytvořené při slučování nastavení: %zu\n" -#: src/tools/sssctl/sssctl_config.c:127 +#: src/tools/sssctl/sssctl_config.c:137 #, c-format -msgid "Used configuration snippet files: %u\n" -msgstr "Použité soubory s útržky nastavení: %u\n" +msgid "Used configuration snippet files: %zu\n" +msgstr "" #: src/tools/sssctl/sssctl_data.c:89 #, c-format @@ -2544,12 +2575,10 @@ msgid "SSSD backup of local data already exists, override?" msgstr "SSSD záloha místních dat už existuje, přepsat?" #: src/tools/sssctl/sssctl_data.c:111 -#, c-format msgid "Unable to export user overrides\n" msgstr "Nedaří se exportovat uživatelské přebití\n" #: src/tools/sssctl/sssctl_data.c:118 -#, c-format msgid "Unable to export group overrides\n" msgstr "Nedaří se exportovat přebití skupin\n" @@ -2558,17 +2587,15 @@ msgid "Override existing backup" msgstr "Přepsat existující zálohu" #: src/tools/sssctl/sssctl_data.c:164 -#, c-format msgid "Unable to import user overrides\n" msgstr "Nedaří se importovat přebití uživatelů\n" #: src/tools/sssctl/sssctl_data.c:173 -#, c-format msgid "Unable to import group overrides\n" msgstr "Nedaří se importovat přebití skupin\n" #: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 -#: src/tools/sssctl/sssctl_domains.c:315 +#: src/tools/sssctl/sssctl_domains.c:328 msgid "Start SSSD if it is not running" msgstr "Pokud není, spustit proces služby sssd" @@ -2589,27 +2616,22 @@ msgid "Start SSSD when the cache is removed" msgstr "Při odebrání mezipaměti zastavit sssd" #: src/tools/sssctl/sssctl_data.c:235 -#, c-format msgid "Creating backup of local data...\n" msgstr "Vytváření zálohy místních dat…\n" #: src/tools/sssctl/sssctl_data.c:238 -#, c-format msgid "Unable to create backup of local data, can not remove the cache.\n" msgstr "Nedaří se vytvořit zálohu místních dat, nedaří se odebrat mezipaměť.\n" #: src/tools/sssctl/sssctl_data.c:243 -#, c-format msgid "Removing cache files...\n" msgstr "Odebírání souborů mezipaměti…\n" #: src/tools/sssctl/sssctl_data.c:246 -#, c-format msgid "Unable to remove cache files\n" msgstr "Nedaří se odebrat soubory mezipaměti\n" #: src/tools/sssctl/sssctl_data.c:251 -#, c-format msgid "Restoring local data...\n" msgstr "Obnovování místních dat…\n" @@ -2617,17 +2639,11 @@ msgstr "Obnovování místních dat…\n" msgid "Show domain list including primary or trusted domain type" msgstr "Zobrazit seznam domén včetně typu hlavní nebo důvěryhodná doména" -#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:354 +#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 #: src/tools/sssctl/sssctl_user_checks.c:95 -#, c-format msgid "Unable to connect to system bus!\n" msgstr "Nedaří se připojit ke sběrnici systému!\n" -#: src/tools/sssctl/sssctl_domains.c:167 -#, c-format -msgid "Online status: %s\n" -msgstr "Online stav: %s\n" - #: src/tools/sssctl/sssctl_domains.c:167 msgid "Online" msgstr "Online" @@ -2636,53 +2652,62 @@ msgstr "Online" msgid "Offline" msgstr "Offline" -#: src/tools/sssctl/sssctl_domains.c:212 +#: src/tools/sssctl/sssctl_domains.c:167 #, c-format +msgid "Online status: %s\n" +msgstr "Online stav: %s\n" + +#: src/tools/sssctl/sssctl_domains.c:213 +msgid "This domain has no active servers.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_domains.c:218 msgid "Active servers:\n" msgstr "Aktivní servery:\n" -#: src/tools/sssctl/sssctl_domains.c:223 +#: src/tools/sssctl/sssctl_domains.c:230 msgid "not connected" msgstr "nepřipojeno" -#: src/tools/sssctl/sssctl_domains.c:260 +#: src/tools/sssctl/sssctl_domains.c:267 +msgid "No servers discovered.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_domains.c:273 #, c-format msgid "Discovered %s servers:\n" msgstr "Objeveno %s serverů:\n" -#: src/tools/sssctl/sssctl_domains.c:272 +#: src/tools/sssctl/sssctl_domains.c:285 msgid "None so far.\n" msgstr "Zatím žádné.\n" -#: src/tools/sssctl/sssctl_domains.c:312 +#: src/tools/sssctl/sssctl_domains.c:325 msgid "Show online status" msgstr "Zobrazit stav online" -#: src/tools/sssctl/sssctl_domains.c:313 +#: src/tools/sssctl/sssctl_domains.c:326 msgid "Show information about active server" msgstr "Zobrazit informace o aktivním serveru" -#: src/tools/sssctl/sssctl_domains.c:314 +#: src/tools/sssctl/sssctl_domains.c:327 msgid "Show list of discovered servers" msgstr "Zobrazit seznam objevených serverů" -#: src/tools/sssctl/sssctl_domains.c:320 +#: src/tools/sssctl/sssctl_domains.c:333 msgid "Specify domain name." msgstr "Zadejte název domény." # auto translated by TM merge from project: FreeIPA, version: ipa-4-5, DocId: po/ipa -#: src/tools/sssctl/sssctl_domains.c:342 -#, c-format +#: src/tools/sssctl/sssctl_domains.c:355 msgid "Out of memory!\n" msgstr "Nedostatek paměti!\n" -#: src/tools/sssctl/sssctl_domains.c:362 src/tools/sssctl/sssctl_domains.c:372 -#, c-format +#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 msgid "Unable to get online status\n" msgstr "Nedaří se zjistit stav online\n" -#: src/tools/sssctl/sssctl_domains.c:382 -#, c-format +#: src/tools/sssctl/sssctl_domains.c:395 msgid "Unable to get server list\n" msgstr "Nedaří se získat seznam serverů\n" @@ -2695,27 +2720,22 @@ msgid "Delete log files instead of truncating" msgstr "Namísto zkrácení soubory se záznamem událostí smazat" #: src/tools/sssctl/sssctl_logs.c:248 -#, c-format msgid "Deleting log files...\n" msgstr "Mazání souborů se záznamem událostí…\n" #: src/tools/sssctl/sssctl_logs.c:251 -#, c-format msgid "Unable to remove log files\n" msgstr "Nedaří se odebrat soubory se záznamem událostí\n" #: src/tools/sssctl/sssctl_logs.c:257 -#, c-format msgid "Truncating log files...\n" msgstr "Zkracování souborů…\n" #: src/tools/sssctl/sssctl_logs.c:260 -#, c-format msgid "Unable to truncate log files\n" msgstr "Nedaří se zkrátit soubory se záznamem událostí\n" #: src/tools/sssctl/sssctl_logs.c:286 -#, c-format msgid "Out of memory!" msgstr "Došla paměť!" @@ -2725,7 +2745,6 @@ msgid "Archiving log files into %s...\n" msgstr "Archivují se soubory se záznamem událostí do %s…\n" #: src/tools/sssctl/sssctl_logs.c:292 -#, c-format msgid "Unable to archive log files\n" msgstr "Nedaří se archivovat soubory se záznamem událostí\n" @@ -2734,7 +2753,6 @@ msgid "Specify debug level you want to set" msgstr "Zadejte stupeň podrobností ladících informací, který chcete nastavit" #: src/tools/sssctl/sssctl_user_checks.c:117 -#, c-format msgid "SSSD InfoPipe user lookup result:\n" msgstr "Výsledek SSSD InfoPipe uživatel:\n" @@ -2749,7 +2767,6 @@ msgid "dlsym failed with [%s].\n" msgstr "dlsym se nezdařilo s [%s].\n" #: src/tools/sssctl/sssctl_user_checks.c:182 -#, c-format msgid "malloc failed.\n" msgstr "malloc se nezdařilo.\n" @@ -2759,7 +2776,6 @@ msgid "sss_getpwnam_r failed with [%d].\n" msgstr "sss_getpwnam_r se nezdařilo s [%d].\n" #: src/tools/sssctl/sssctl_user_checks.c:194 -#, c-format msgid "SSSD nss user lookup result:\n" msgstr "Výsledek SSSD nss hledání uživatele:\n" @@ -2818,123 +2834,114 @@ msgstr "uživatel: %s\n" "služba: %s\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:253 +#: src/tools/sssctl/sssctl_user_checks.c:252 #, c-format msgid "User name lookup with [%s] failed.\n" msgstr "Vyhledání uživatelského jména s [%s] se nezdařilo.\n" -#: src/tools/sssctl/sssctl_user_checks.c:258 +#: src/tools/sssctl/sssctl_user_checks.c:257 #, c-format msgid "InfoPipe User lookup with [%s] failed.\n" msgstr "InfoPipe vyhledání uživatele s [%s] se nezdařilo.\n" -#: src/tools/sssctl/sssctl_user_checks.c:265 +#: src/tools/sssctl/sssctl_user_checks.c:263 #, c-format msgid "pam_start failed: %s\n" msgstr "pam_start se nezdařilo: %s\n" -#: src/tools/sssctl/sssctl_user_checks.c:270 -#, c-format +#: src/tools/sssctl/sssctl_user_checks.c:268 msgid "testing pam_authenticate\n" "\n" msgstr "zkoušení pam_authenticate\n" "\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:274 +#: src/tools/sssctl/sssctl_user_checks.c:272 #, c-format msgid "pam_get_item failed: %s\n" msgstr "pam_get_item se nezdařilo: %s\n" -#: src/tools/sssctl/sssctl_user_checks.c:278 +#: src/tools/sssctl/sssctl_user_checks.c:275 #, c-format msgid "pam_authenticate for user [%s]: %s\n" "\n" msgstr "pam_authenticate pro uživatele [%s]: %s\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:281 -#, c-format +#: src/tools/sssctl/sssctl_user_checks.c:278 msgid "testing pam_chauthtok\n" "\n" msgstr "zkoušení pam_chauthtok\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:283 +#: src/tools/sssctl/sssctl_user_checks.c:280 #, c-format msgid "pam_chauthtok: %s\n" "\n" msgstr "pam_chauthtok: %s\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:285 -#, c-format +#: src/tools/sssctl/sssctl_user_checks.c:282 msgid "testing pam_acct_mgmt\n" "\n" msgstr "zkoušení pam_acct_mgmt\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:287 +#: src/tools/sssctl/sssctl_user_checks.c:284 #, c-format msgid "pam_acct_mgmt: %s\n" "\n" msgstr "pam_acct_mgmt: %s\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:289 -#, c-format +#: src/tools/sssctl/sssctl_user_checks.c:286 msgid "testing pam_setcred\n" "\n" msgstr "zkoušení pam_setcred\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:291 +#: src/tools/sssctl/sssctl_user_checks.c:288 #, c-format msgid "pam_setcred: [%s]\n" "\n" msgstr "pam_setcred: [%s]\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:293 -#, c-format +#: src/tools/sssctl/sssctl_user_checks.c:290 msgid "testing pam_open_session\n" "\n" msgstr "zkoušení pam_open_session\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:295 +#: src/tools/sssctl/sssctl_user_checks.c:292 #, c-format msgid "pam_open_session: %s\n" "\n" msgstr "pam_open_session: %s\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:297 -#, c-format +#: src/tools/sssctl/sssctl_user_checks.c:294 msgid "testing pam_close_session\n" "\n" msgstr "zkoušení pam_close_session\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:299 +#: src/tools/sssctl/sssctl_user_checks.c:296 #, c-format msgid "pam_close_session: %s\n" "\n" msgstr "pam_close_session: %s\n" "\n" -#: src/tools/sssctl/sssctl_user_checks.c:302 -#, c-format +#: src/tools/sssctl/sssctl_user_checks.c:298 msgid "unknown action\n" msgstr "neznámá akce\n" -#: src/tools/sssctl/sssctl_user_checks.c:305 -#, c-format +#: src/tools/sssctl/sssctl_user_checks.c:301 msgid "PAM Environment:\n" msgstr "PAM prostředí:\n" -#: src/tools/sssctl/sssctl_user_checks.c:313 -#, c-format +#: src/tools/sssctl/sssctl_user_checks.c:309 msgid " - no env -\n" msgstr " - žádné prostředí -\n" diff --git a/po/de.po b/po/de.po index 644ede9bff..97a099cbc7 100644 --- a/po/de.po +++ b/po/de.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:45+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: German (http://www.transifex.com/projects/p/sssd/language/" @@ -22,1619 +22,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Ausführlichkeitsstufe der Fehlerdiagnose festlegen" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Zeitstempel in Fehlerdiagnoseprotokollen einschließen" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "Mikrosekunden in Zeitstempeln der Debug-Protokolle einschließen" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Fehlerdiagnosemeldungen in Protokolldateien schreiben" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Befehl zum Starten des Dienstes" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Anzahl der Verbindungsversuche zum Datenanbieter" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" -"Die Anzahl der Dateideskriptoren, die durch diesen Responder geöffnet werden " -"dürfen" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "Untätige Zeit vor der automatischen Verbindungstrennung eines Clients " - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "SSSD-Dienste zum Starten" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "SSSD-Domains zum Starten" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Zeitüberschreitung für Meldungen, die über SBUS gesendet werden" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "Regulärer Ausdruck zum Verarbeiten von Benutzername und Domain" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" -"Printf-kompatibles Format für die Darstellung voll ausgeschriebener Namen" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"Verzeichnis im Dateisystem, in welchem SSSD Anwort-Zwischenspeicher-Dateien " -"ablegt." - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "Domain, die zu Namen ohne Domain-Komponente hinzugefügt werden soll." - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "Zeitspanne für den Aufzählungs-Zwischenspeicher (Sekunden)" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" -"Zeitspanne für die Aktualisierung des Eintrags-Zwischenspeichers (Sekunden)" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "Zeitspanne für den negativen Zwischenspeicher (Sekunden)" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Benutzer, die SSSD ausdrücklich ignorieren soll" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Gruppen, die SSSD ausdrücklich ignorieren soll" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Anzeige von gefilterten Benutzern in Gruppen" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" -"Der Wert des Passwort-Feldes, das der NSS-Dienstanbieter zurückgeben sollte" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" -"homedir-Wert des Identitäts-Anbieters wird durch diesen Wert außer Kraft " -"gesetzt" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" -"Leerer homedir-Wert des Identitäts-Anbieters wird durch diesen Wert ersetzt" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" -"Shell-Wert des Identitäts-Anbieters wird durch diesen Wert außer Kraft " -"gesetzt" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "Liste der Shells, mit denen sich der Benutzer anmelden darf" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" -"Die Liste der Shells, die abgewiesen und durch eine Ausweich-Shell ersetzt " -"werden" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" -"Falls eine Shell im zentralen Verzeichnis zugelassen, aber nicht verfügbar " -"ist, wird auf diese ausgewichen" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "Zu verwendende Shell, wenn der Anbieter keine auflistet" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "Gültigkeitsdauer der speichereigenen Zwischenspeicher-Datensätze" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" -"Gibt die Anzahl der Tage an, für die zwischengespeicherte Anmeldungen " -"zwischen Online-Anmeldungen zulässig sind" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "Anzahl der zulässigen fehlgeschlagenen Anmeldungen im Offline-Modus" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" -"Zeitspanne in Minuten, nach der die Anmeldung verweigert wird, wenn " -"offline_failed_login_attempts erreicht wurde" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" -"Gibt die Art der Meldungen an, die dem Benutzer während der " -"Authentifizierung angezeigt werden" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" -"Anzahl der Sekunden, die zwischengespeicherte PAM-Anfragen aufbewahrt werden " -"sollen" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" -"Gibt die Anzahl der Tage vor dem Ablauf des Passworts an, bis eine Warnung " -"angezeigt wird" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" -"Gibt an, ob zeitbasierte Attribute in Sudo-Regeln berechnet werden sollen" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" -"Gibt an, ob Prüfsummen von Hostnamen und Adressen in der Datei known_hosts " -"gespeichert werden" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" -"Anzahl der Sekunden, die ein Rechner in der Datei known_host behalten werden " -"soll, nachdem dessen Schlüssel abgefragt wurden" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" -"Liste von Benutzer-IDs oder Benutzernamen für den Zugriff auf den PAC-" -"Responder" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" -"Liste von Benutzer-IDs oder Benutzernamen für den Zugriff auf den InfoPipe-" -"Responder" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "Liste der Benutzerattribute, die InfoPipe veröffentlichen darf" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Identitäts-Anbieter" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Authentifizierungs-Anbieter" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Zugriffskontroll-Anbieter" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Passwortänderungs-Anbieter" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "SUDO-Anbieter" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "Autofs-Anbieter" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "Rechner-Identitäts-Anbieter" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Minimale Benutzer‐ID" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Maximale Benutzer‐ID" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Auflistung aller Benutzer/Gruppen aktivieren" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Zwischengespeicherte Anmeldedaten für Offline-Anmeldung" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Benutzer/Gruppen in voll ausgeschriebener Form anzeigen" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "Gruppenmitglieder in Gruppen-Suchanfragen nicht einschließen" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Zeitspanne für den Eintrags-Zwischenspeicher (Sekunden)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" -"Eine spezifische Adressfamilie beim Ausführen von DNS-Suchanfragen " -"beschränken oder bevorzugen" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" -"Gibt die Anzahl der Tage an, wie lange zwischengespeicherte Einträge nach " -"der letzten Anmeldung aufbewahrt werden" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" -"Gibt die Anzahl Sekunden an, wie lange beim Auflösen von Servernamen auf " -"Antworten vom DNS-Dienst gewartet werden soll" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "Der Domain-Teil der DNS-Abfrage zur Dienstsuche" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" -"Den Gruppen-ID-Wert des Identitäts-Anbieters mit diesem Wert überschreiben" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "Groß-/Kleinschreibung in Benutzernamen berücksichtigen" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "Anzahl der Auffrischung abgelaufener Einträge im Hintergrund" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "Automatische Aktualisierung des DNS-Eintrags des Clients" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" -"Die auf den DNS-Eintrag des Clients anzuwendende TTL, nachdem dieser " -"aktualisiert wurde" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" -"Schnittstelle, deren IP für dynamische DNS-Aktualisierungen verwendet werden " -"soll" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "Gibt an, wie oft der DNS-Eintrag des Clients aktualisiert werden soll" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" -"Gibt an, ob der Anbieter den PTR-Datensatz ebenfalls explizit aktualisieren " -"soll" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "Gibt an, ob das nsupdate-Dienstprogramm per Vorgabe TCP verwenden soll" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" -"Gibt an, welche Art der Authentifizierung bei der DNS-Aktualisierung " -"verwendet werden soll" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "Aufzählung vertrauenswürdiger Domains steuern" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "Anzahl der Auffrischung der Subdomain-Liste" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA-Domain" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "IPA-Serveradresse" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "Adresse des Ersatz-IPA-Servers" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "IPA-Client-Rechnername" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" -"Gibt an, ob der DNS-Eintrag des Clients in FreeIPA automatisch aktualisiert " -"werden soll" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "Suchbasis für HBAC-bezogene Objekte" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "Die Zeitspanne zwischen Suchanfragen der HBAC-Regeln an den IPA-Server" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" -"Die Zeitspanne in Sekunden zwischen Suchanfragen der SELinux-Zuweisung an " -"den IPA-Server" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" -"Falls auf »false« gesetzt, wird das von PAM angegebene Host-Argument " -"ignoriert" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "Der Automounter-Ort, den dieser IPA-Client verwendet" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" -"Suchbasis für Objekte, die Informationen über eine IPA-Domain enthalten" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "Suchbasis für Objekte, die Informationen über ID-Bereiche enthalten" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "DNS-Sites aktivieren – standortbasierte Dienstsuche" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "Active-Directory-Domain" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "Adresse des Active-Directory-Servers" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "Adresse des Ersatz-Active-Directory-Servers" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "Hostname des Active-Directory-Clients" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "LDAP-Filter zum Bestimmen der Zugriffsprivilegien" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "Verwendung des globalen Katalogs für Suchvorgänge" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "Operationsmodus für GPO-basierte Zuhgriffskontrolle" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Kerberos-Serveradresse" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "Adresse des Ersatz-Kerberos-Servers" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Kerberos-Realm" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Zeitüberschreitung bei Authentifizierung" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "Gibt an, ob kdcinfo-Dateien angelegt werden" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Verzeichnis zum Speichern der Anmeldedaten" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Ort des Zwischenspeichers für die Anmeldedaten des Benutzers" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Ort der Schlüsseltabelle zum Überprüfen von Anmeldedaten" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Validierung der Anmeldedaten aktivieren" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "Passwort im Offline-Modus für spätere Online-Anmeldung speichern" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "Erneuerung der Lebensdauer des TGT" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "Lebensdauer des TGT" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "Zeitspanne zwischen zwei Prüfungen, ob Erneuerung nötig ist" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "Aktiviert FAST" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "Wählt den für FAST zu verwendenden Principal aus" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "Aktiviert Kanonisierung des Principals" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "Enterprise-Principals aktivieren" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" -"Server, auf dem der Dienst zum Ändern des Passworts läuft, falls nicht KDC" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, die URI des LDAP-Servers" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "ldap_backup_uri, die URI des LDAP-Servers" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "Vorgegebene Basis-DN" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Der vom LDAP-Server verwendete Schema-Typ gemäß RFC2307" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "Vorgegebene Bind-DN" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "Typ des Authentifizierungs-Tokens der vorgegebenen Bind-DN" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "Authentifizierungs-Token für die vorgegebene Bind-DN" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Zeitspanne für einen Verbindungsversuch" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Zeitspanne für Versuche zur Ausführung synchroner LDAP-Vorgänge" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" -"Zeitspanne zwischen Versuchen zum erneuten Verbindungsaufbau im Offline-Modus" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "Nur Großschreibung für Realm-Namen verwenden" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Datei, die CA-Zertifikate enthält" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Pfad zum CA-Zertifikatverzeichnis" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "Datei, die das Client-Zertifikat enthält" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "Datei, die den Client-Schlüssel enthält" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "Liste der möglichen Verschlüsselungs-Suites" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "TLS-Zertifikatüberprüfung erforderlich machen" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Zu verwendenden sasl-Mechanismus angeben" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Zu verwendende ID für sasl-Authentifizierung angeben" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "Zu verwendenden Realm für sasl-Authentifizierung angeben" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "Gibt den minimalen SSF für die SASL-Authentifizierung über LDAP an" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Schlüsseltabelle des Kerberos-Dienstes" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Kerberos-Authentifizierung für LDAP-Verbindung verwenden" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "LDAP-Verweisen folgen" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "Lebensdauer von TGT für LDAP-Verbindung" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "Dereferenzierung von Aliasen" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "Dienstname für DNS-Service-Suchanfragen" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "Anzahl der in einer einzelnen LDAP-Abfrage zu holenden Datensätze" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" -"Anzahl der Elemente, die fehlen müssen, um eine vollständige " -"Dereferenzierung auszulösen" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" -"Gibt an, ob die LDAP-Bibliothek eine Rückwärtssuche ausführen soll, um den " -"Rechnernamen während einer SASL-Bindung zu kanonisieren" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "entryUSN-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "lastUSN-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" -"Zeitspanne zum Halten einer Verbindung zum LDAP-Server, bis diese " -"unterbrochen wird" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "LDAP-Paging-Steuerung deaktivieren" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "Bereichsermittlung für Active Directory deaktivieren" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Zeitspanne zum Warten auf eine Suchanfrage" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "Zeitspanne zum Warten auf eine Auflistungsanfrage" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Zeitspanne zwischen Auflistungsanfragen" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "Zeitspanne zwischen den Leerungen des Zwischenspeichers" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "TLS für ID-Suchvorgänge erforderlich machen" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "ID-Zuweisung von objectSID anstelle von voreingestellten IDs verwenden" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "Basis-DN für Benutzer-Suchanfragen" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Bereich für Benutzer-Suchanfragen" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Filter für Benutzer-Suchanfragen" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Objektklasse für Benutzer" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Benutzername-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "UID-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Primäres GID-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "GECOS-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Home-Verzeichnis-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Shell-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "objectSID -Attribut" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "Active-Directory-Primärgruppen-Attribut für ID-Zuweisung" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Principal-Attribut verwenden (für Kerberos)" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Vollständiger Name" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "memberOf-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Änderungszeit-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "shadowLastChange-attribut" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "shadowMin-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "shadowMax Attribut" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "shadowWarning-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "shadowInactive-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "shadowExpire-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "shadowFlag-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "Attribut, welches die autorisierten PAM-Dienste auflistet" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "Attribut, welches die autorisierten Server-Hosts auflistet" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "krbLastPwdChange-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "krbPasswordExpiration-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" -"Attribut, welches angibt, dass die serverseitigen Passwortregeln aktiv sind" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "accountExpires-Attribut von AD" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "userAccountControl-Attribut von AD" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "nsAccountLock-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "loginDisabled-Attribut von NDS" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "loginExpirationTime-Attribut von NDS" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "loginAllowedTimeMap-Attribut von NDS" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "Attribut für öffentlichen SSH-Schlüssel" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" -"Eine Liste der zusätzlich herunterzuladender Attribute zusammen mit dem " -"Benutzereintrag" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "Basis-DN für Gruppen-Suchanfragen" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "Objektklasse für Gruppen" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Gruppenname" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Gruppenpasswort" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "Gruppen-ID-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "Gruppen-Mitgliedschafts-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "Änderungszeit-Attribut für Gruppen" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "Typ der Gruppe und weitere Flags" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "Basis-DN für Netzgruppen-Suchanfragen" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "Objektklasse für Netzgruppen" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "Netzgruppenname" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "Netzgruppen-Mitglieder-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "Netzgruppen-Tripel-Attribut" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "Änderungszeit-Attribut für Netzgruppen" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "Basis-DN für Dienste-Suchanfragen" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "Objektklasse für Dienste" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "Name-Attribut des Dienstes" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "Port-Attribut des Dienstes" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "Protokoll-Attribut des Dienstes" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "Untere Grenze für ID-Zuweisung" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "Obere Grenze für ID-Zuweisung" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "Anzahl der IDs für jeden Teil bei der ID-Zuweisung" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "autorid-kompatiblen Algorithmus für ID-Zuweisung verwenden" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "Name der Vorgabe-Domain für ID-Zuweisung" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "SID der Vorgabedomain für ID-Zuweisung" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "Verwendung von Token-Gruppen" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "Untere Grenze für zulässige IDs des LDAP-Servers angeben" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "Obere Grenze für zulässige IDs des LDAP-Servers angeben" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Regel zum Ermitteln der Ablaufzeit des Passworts" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" -"Attribute, die bei der Ermittlung verwendet werden, ob ein Konto abgelaufen " -"ist" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "Regeln für die Ermittlung der Zugriffskontrolle" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "URI eines LDAP-Servers, wo Passwortänderungen zulässig sind" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "URI eines Ersatz-LDAP-Servers, wo Passwortänderungen zulässig sind" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "DNS-Dienstname für den LDAP-Passwortänderungsserver" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" -"Gibt an, ob das Attribut ldap_user_shadow_last_change nach einer " -"Passwortänderung aktualisiert werden soll" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "Basis-DN für Suchanfragen nach Sudo-Regeln" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "Periode für automatische vollständige Aktualisierung" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "Periode für bedingte vollständige Aktualisierung" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" -"Gibt an, ob Regeln nach Hostnamen, IP-Adressen oder Netzwerken gefiltert " -"werden sollen" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" -"Hostnamen und/oder voll ausgeschriebene Domain-Namen dieses Rechners zum " -"Filtern von Sudo-Regeln" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" -"IPv4- oder IPv6-Adressen oder Netzwerk dieses Rechners zum Filtern von sudo-" -"Regeln" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" -"Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die " -"Netzgruppen enthalten" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" -"Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die reguläre " -"Ausdrücke enthalten" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "Objektklasse für Sudo-Regeln" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "Sudo-Regelname" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "Befehlsattribut der Sudo-Regel" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "Host-Attribut der Sudo-Regel" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "Benutzer-Attribut der Sudo-Regel" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "Optionsattribut der Sudo-Regel" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "runasuser-Attribut der Sudo-Regel" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "runasgroup-Attribut der Sudo-Regel" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "notbefore-Attribut der Sudo-Regel" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "notafter-Attribut der sudo-Regel" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "Reihenfolge-Attribut der Sudo-Regel" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "Objektklasse für Automounter-Zuweisungen" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "Name-Attribut der Automounter-Zuweisung" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "Objektklasse für Einträge von Automounter-Zuweisungen" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "Schlüssel-Attribut des Automounter-Zuweisungseintrags" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "Wert-Attribut des Automounter-Zuweisungseintrags" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "Basis-DN für Suchanfragen nach Automounter-Zuweisungen" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Durch Kommata getrennte Liste der erlaubten Benutzer" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Durch Kommata getrennte Liste der verbotenen Benutzer" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Vorgabeshell, /bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Wurzel für Benutzerverzeichnisse" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "Name der zu verwendenden NSS-Bibliothek" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" -"Gibt an, ob wenn möglich im Zwischenspeicher nach dem kanonischen " -"Gruppennamen gesucht werden soll" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "Zu verwendender PAM-Stapel" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "Zum Hintergrunddienst werden (Vorgabe)" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "Interaktiv ausführen (nicht als Hintergrunddienst)" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "Angabe einer nicht standardmäßigen Konfigurationsdatei" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "Versionsnummer ausgeben und das Programm beenden" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "Fehlerdiagnosestufe" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "Debug-Zeitstempel hinzufügen" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "Zeitstempel mit Mikrosekunden anzeigen" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "Offener Dateideskriptor für die Debug-Protokolle" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1674,7 +110,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "Domain des Informationsanbieters (obligatorisch)" @@ -2534,7 +970,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2711,44 +1147,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "\n" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2957,3 +1393,891 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Ausführlichkeitsstufe der Fehlerdiagnose festlegen" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Zeitstempel in Fehlerdiagnoseprotokollen einschließen" + +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "Mikrosekunden in Zeitstempeln der Debug-Protokolle einschließen" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Fehlerdiagnosemeldungen in Protokolldateien schreiben" + +#~ msgid "Command to start service" +#~ msgstr "Befehl zum Starten des Dienstes" + +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "Anzahl der Verbindungsversuche zum Datenanbieter" + +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "" +#~ "Die Anzahl der Dateideskriptoren, die durch diesen Responder geöffnet " +#~ "werden dürfen" + +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "" +#~ "Untätige Zeit vor der automatischen Verbindungstrennung eines Clients " + +#~ msgid "SSSD Services to start" +#~ msgstr "SSSD-Dienste zum Starten" + +#~ msgid "SSSD Domains to start" +#~ msgstr "SSSD-Domains zum Starten" + +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Zeitüberschreitung für Meldungen, die über SBUS gesendet werden" + +#~ msgid "Regex to parse username and domain" +#~ msgstr "Regulärer Ausdruck zum Verarbeiten von Benutzername und Domain" + +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "" +#~ "Printf-kompatibles Format für die Darstellung voll ausgeschriebener Namen" + +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "" +#~ "Verzeichnis im Dateisystem, in welchem SSSD Anwort-Zwischenspeicher-" +#~ "Dateien ablegt." + +#~ msgid "Domain to add to names without a domain component." +#~ msgstr "" +#~ "Domain, die zu Namen ohne Domain-Komponente hinzugefügt werden soll." + +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "Zeitspanne für den Aufzählungs-Zwischenspeicher (Sekunden)" + +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "" +#~ "Zeitspanne für die Aktualisierung des Eintrags-Zwischenspeichers " +#~ "(Sekunden)" + +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "Zeitspanne für den negativen Zwischenspeicher (Sekunden)" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Benutzer, die SSSD ausdrücklich ignorieren soll" + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Gruppen, die SSSD ausdrücklich ignorieren soll" + +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Anzeige von gefilterten Benutzern in Gruppen" + +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "" +#~ "Der Wert des Passwort-Feldes, das der NSS-Dienstanbieter zurückgeben " +#~ "sollte" + +#~ msgid "Override homedir value from the identity provider with this value" +#~ msgstr "" +#~ "homedir-Wert des Identitäts-Anbieters wird durch diesen Wert außer Kraft " +#~ "gesetzt" + +#~ msgid "" +#~ "Substitute empty homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Leerer homedir-Wert des Identitäts-Anbieters wird durch diesen Wert " +#~ "ersetzt" + +#~ msgid "Override shell value from the identity provider with this value" +#~ msgstr "" +#~ "Shell-Wert des Identitäts-Anbieters wird durch diesen Wert außer Kraft " +#~ "gesetzt" + +#~ msgid "The list of shells users are allowed to log in with" +#~ msgstr "Liste der Shells, mit denen sich der Benutzer anmelden darf" + +#~ msgid "" +#~ "The list of shells that will be vetoed, and replaced with the fallback " +#~ "shell" +#~ msgstr "" +#~ "Die Liste der Shells, die abgewiesen und durch eine Ausweich-Shell " +#~ "ersetzt werden" + +#~ msgid "" +#~ "If a shell stored in central directory is allowed but not available, use " +#~ "this fallback" +#~ msgstr "" +#~ "Falls eine Shell im zentralen Verzeichnis zugelassen, aber nicht " +#~ "verfügbar ist, wird auf diese ausgewichen" + +#~ msgid "Shell to use if the provider does not list one" +#~ msgstr "Zu verwendende Shell, wenn der Anbieter keine auflistet" + +#~ msgid "How long will be in-memory cache records valid" +#~ msgstr "Gültigkeitsdauer der speichereigenen Zwischenspeicher-Datensätze" + +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "Gibt die Anzahl der Tage an, für die zwischengespeicherte Anmeldungen " +#~ "zwischen Online-Anmeldungen zulässig sind" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "Anzahl der zulässigen fehlgeschlagenen Anmeldungen im Offline-Modus" + +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Zeitspanne in Minuten, nach der die Anmeldung verweigert wird, wenn " +#~ "offline_failed_login_attempts erreicht wurde" + +#~ msgid "" +#~ "What kind of messages are displayed to the user during authentication" +#~ msgstr "" +#~ "Gibt die Art der Meldungen an, die dem Benutzer während der " +#~ "Authentifizierung angezeigt werden" + +#~ msgid "" +#~ "How many seconds to keep identity information cached for PAM requests" +#~ msgstr "" +#~ "Anzahl der Sekunden, die zwischengespeicherte PAM-Anfragen aufbewahrt " +#~ "werden sollen" + +#~ msgid "" +#~ "How many days before password expiration a warning should be displayed" +#~ msgstr "" +#~ "Gibt die Anzahl der Tage vor dem Ablauf des Passworts an, bis eine " +#~ "Warnung angezeigt wird" + +#~ msgid "Whether to evaluate the time-based attributes in sudo rules" +#~ msgstr "" +#~ "Gibt an, ob zeitbasierte Attribute in Sudo-Regeln berechnet werden sollen" + +#~ msgid "Whether to hash host names and addresses in the known_hosts file" +#~ msgstr "" +#~ "Gibt an, ob Prüfsummen von Hostnamen und Adressen in der Datei " +#~ "known_hosts gespeichert werden" + +#~ msgid "" +#~ "How many seconds to keep a host in the known_hosts file after its host " +#~ "keys were requested" +#~ msgstr "" +#~ "Anzahl der Sekunden, die ein Rechner in der Datei known_host behalten " +#~ "werden soll, nachdem dessen Schlüssel abgefragt wurden" + +#~ msgid "List of UIDs or user names allowed to access the PAC responder" +#~ msgstr "" +#~ "Liste von Benutzer-IDs oder Benutzernamen für den Zugriff auf den PAC-" +#~ "Responder" + +#~ msgid "List of UIDs or user names allowed to access the InfoPipe responder" +#~ msgstr "" +#~ "Liste von Benutzer-IDs oder Benutzernamen für den Zugriff auf den " +#~ "InfoPipe-Responder" + +#~ msgid "List of user attributes the InfoPipe is allowed to publish" +#~ msgstr "Liste der Benutzerattribute, die InfoPipe veröffentlichen darf" + +#~ msgid "Identity provider" +#~ msgstr "Identitäts-Anbieter" + +#~ msgid "Authentication provider" +#~ msgstr "Authentifizierungs-Anbieter" + +#~ msgid "Access control provider" +#~ msgstr "Zugriffskontroll-Anbieter" + +#~ msgid "Password change provider" +#~ msgstr "Passwortänderungs-Anbieter" + +#~ msgid "SUDO provider" +#~ msgstr "SUDO-Anbieter" + +#~ msgid "Autofs provider" +#~ msgstr "Autofs-Anbieter" + +#~ msgid "Host identity provider" +#~ msgstr "Rechner-Identitäts-Anbieter" + +#~ msgid "Minimum user ID" +#~ msgstr "Minimale Benutzer‐ID" + +#~ msgid "Maximum user ID" +#~ msgstr "Maximale Benutzer‐ID" + +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Auflistung aller Benutzer/Gruppen aktivieren" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "Zwischengespeicherte Anmeldedaten für Offline-Anmeldung" + +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Benutzer/Gruppen in voll ausgeschriebener Form anzeigen" + +#~ msgid "Don't include group members in group lookups" +#~ msgstr "Gruppenmitglieder in Gruppen-Suchanfragen nicht einschließen" + +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Zeitspanne für den Eintrags-Zwischenspeicher (Sekunden)" + +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Eine spezifische Adressfamilie beim Ausführen von DNS-Suchanfragen " +#~ "beschränken oder bevorzugen" + +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Gibt die Anzahl der Tage an, wie lange zwischengespeicherte Einträge nach " +#~ "der letzten Anmeldung aufbewahrt werden" + +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "" +#~ "Gibt die Anzahl Sekunden an, wie lange beim Auflösen von Servernamen auf " +#~ "Antworten vom DNS-Dienst gewartet werden soll" + +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "Der Domain-Teil der DNS-Abfrage zur Dienstsuche" + +#~ msgid "Override GID value from the identity provider with this value" +#~ msgstr "" +#~ "Den Gruppen-ID-Wert des Identitäts-Anbieters mit diesem Wert überschreiben" + +#~ msgid "Treat usernames as case sensitive" +#~ msgstr "Groß-/Kleinschreibung in Benutzernamen berücksichtigen" + +#~ msgid "How often should expired entries be refreshed in background" +#~ msgstr "Anzahl der Auffrischung abgelaufener Einträge im Hintergrund" + +#~ msgid "Whether to automatically update the client's DNS entry" +#~ msgstr "Automatische Aktualisierung des DNS-Eintrags des Clients" + +#~ msgid "The TTL to apply to the client's DNS entry after updating it" +#~ msgstr "" +#~ "Die auf den DNS-Eintrag des Clients anzuwendende TTL, nachdem dieser " +#~ "aktualisiert wurde" + +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "" +#~ "Schnittstelle, deren IP für dynamische DNS-Aktualisierungen verwendet " +#~ "werden soll" + +#~ msgid "How often to periodically update the client's DNS entry" +#~ msgstr "" +#~ "Gibt an, wie oft der DNS-Eintrag des Clients aktualisiert werden soll" + +#~ msgid "Whether the provider should explicitly update the PTR record as well" +#~ msgstr "" +#~ "Gibt an, ob der Anbieter den PTR-Datensatz ebenfalls explizit " +#~ "aktualisieren soll" + +#~ msgid "Whether the nsupdate utility should default to using TCP" +#~ msgstr "" +#~ "Gibt an, ob das nsupdate-Dienstprogramm per Vorgabe TCP verwenden soll" + +#~ msgid "What kind of authentication should be used to perform the DNS update" +#~ msgstr "" +#~ "Gibt an, welche Art der Authentifizierung bei der DNS-Aktualisierung " +#~ "verwendet werden soll" + +#~ msgid "Control enumeration of trusted domains" +#~ msgstr "Aufzählung vertrauenswürdiger Domains steuern" + +#~ msgid "How often should subdomains list be refreshed" +#~ msgstr "Anzahl der Auffrischung der Subdomain-Liste" + +#~ msgid "IPA domain" +#~ msgstr "IPA-Domain" + +#~ msgid "IPA server address" +#~ msgstr "IPA-Serveradresse" + +#~ msgid "Address of backup IPA server" +#~ msgstr "Adresse des Ersatz-IPA-Servers" + +#~ msgid "IPA client hostname" +#~ msgstr "IPA-Client-Rechnername" + +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "" +#~ "Gibt an, ob der DNS-Eintrag des Clients in FreeIPA automatisch " +#~ "aktualisiert werden soll" + +#~ msgid "Search base for HBAC related objects" +#~ msgstr "Suchbasis für HBAC-bezogene Objekte" + +#~ msgid "" +#~ "The amount of time between lookups of the HBAC rules against the IPA " +#~ "server" +#~ msgstr "" +#~ "Die Zeitspanne zwischen Suchanfragen der HBAC-Regeln an den IPA-Server" + +#~ msgid "" +#~ "The amount of time in seconds between lookups of the SELinux maps against " +#~ "the IPA server" +#~ msgstr "" +#~ "Die Zeitspanne in Sekunden zwischen Suchanfragen der SELinux-Zuweisung an " +#~ "den IPA-Server" + +#~ msgid "If set to false, host argument given by PAM will be ignored" +#~ msgstr "" +#~ "Falls auf »false« gesetzt, wird das von PAM angegebene Host-Argument " +#~ "ignoriert" + +#~ msgid "The automounter location this IPA client is using" +#~ msgstr "Der Automounter-Ort, den dieser IPA-Client verwendet" + +#~ msgid "Search base for object containing info about IPA domain" +#~ msgstr "" +#~ "Suchbasis für Objekte, die Informationen über eine IPA-Domain enthalten" + +#~ msgid "Search base for objects containing info about ID ranges" +#~ msgstr "Suchbasis für Objekte, die Informationen über ID-Bereiche enthalten" + +#~ msgid "Enable DNS sites - location based service discovery" +#~ msgstr "DNS-Sites aktivieren – standortbasierte Dienstsuche" + +#~ msgid "Active Directory domain" +#~ msgstr "Active-Directory-Domain" + +#~ msgid "Active Directory server address" +#~ msgstr "Adresse des Active-Directory-Servers" + +#~ msgid "Active Directory backup server address" +#~ msgstr "Adresse des Ersatz-Active-Directory-Servers" + +#~ msgid "Active Directory client hostname" +#~ msgstr "Hostname des Active-Directory-Clients" + +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "LDAP-Filter zum Bestimmen der Zugriffsprivilegien" + +#~ msgid "Whether to use the Global Catalog for lookups" +#~ msgstr "Verwendung des globalen Katalogs für Suchvorgänge" + +#~ msgid "Operation mode for GPO-based access control" +#~ msgstr "Operationsmodus für GPO-basierte Zuhgriffskontrolle" + +#~ msgid "Kerberos server address" +#~ msgstr "Kerberos-Serveradresse" + +#~ msgid "Kerberos backup server address" +#~ msgstr "Adresse des Ersatz-Kerberos-Servers" + +#~ msgid "Kerberos realm" +#~ msgstr "Kerberos-Realm" + +#~ msgid "Authentication timeout" +#~ msgstr "Zeitüberschreitung bei Authentifizierung" + +#~ msgid "Whether to create kdcinfo files" +#~ msgstr "Gibt an, ob kdcinfo-Dateien angelegt werden" + +#~ msgid "Directory to store credential caches" +#~ msgstr "Verzeichnis zum Speichern der Anmeldedaten" + +#~ msgid "Location of the user's credential cache" +#~ msgstr "Ort des Zwischenspeichers für die Anmeldedaten des Benutzers" + +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Ort der Schlüsseltabelle zum Überprüfen von Anmeldedaten" + +#~ msgid "Enable credential validation" +#~ msgstr "Validierung der Anmeldedaten aktivieren" + +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "Passwort im Offline-Modus für spätere Online-Anmeldung speichern" + +#~ msgid "Renewable lifetime of the TGT" +#~ msgstr "Erneuerung der Lebensdauer des TGT" + +#~ msgid "Lifetime of the TGT" +#~ msgstr "Lebensdauer des TGT" + +#~ msgid "Time between two checks for renewal" +#~ msgstr "Zeitspanne zwischen zwei Prüfungen, ob Erneuerung nötig ist" + +#~ msgid "Enables FAST" +#~ msgstr "Aktiviert FAST" + +#~ msgid "Selects the principal to use for FAST" +#~ msgstr "Wählt den für FAST zu verwendenden Principal aus" + +#~ msgid "Enables principal canonicalization" +#~ msgstr "Aktiviert Kanonisierung des Principals" + +#~ msgid "Enables enterprise principals" +#~ msgstr "Enterprise-Principals aktivieren" + +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "" +#~ "Server, auf dem der Dienst zum Ändern des Passworts läuft, falls nicht KDC" + +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, die URI des LDAP-Servers" + +#~ msgid "ldap_backup_uri, The URI of the LDAP server" +#~ msgstr "ldap_backup_uri, die URI des LDAP-Servers" + +#~ msgid "The default base DN" +#~ msgstr "Vorgegebene Basis-DN" + +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Der vom LDAP-Server verwendete Schema-Typ gemäß RFC2307" + +#~ msgid "The default bind DN" +#~ msgstr "Vorgegebene Bind-DN" + +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "Typ des Authentifizierungs-Tokens der vorgegebenen Bind-DN" + +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "Authentifizierungs-Token für die vorgegebene Bind-DN" + +#~ msgid "Length of time to attempt connection" +#~ msgstr "Zeitspanne für einen Verbindungsversuch" + +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Zeitspanne für Versuche zur Ausführung synchroner LDAP-Vorgänge" + +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "" +#~ "Zeitspanne zwischen Versuchen zum erneuten Verbindungsaufbau im Offline-" +#~ "Modus" + +#~ msgid "Use only the upper case for realm names" +#~ msgstr "Nur Großschreibung für Realm-Namen verwenden" + +#~ msgid "File that contains CA certificates" +#~ msgstr "Datei, die CA-Zertifikate enthält" + +#~ msgid "Path to CA certificate directory" +#~ msgstr "Pfad zum CA-Zertifikatverzeichnis" + +#~ msgid "File that contains the client certificate" +#~ msgstr "Datei, die das Client-Zertifikat enthält" + +#~ msgid "File that contains the client key" +#~ msgstr "Datei, die den Client-Schlüssel enthält" + +#~ msgid "List of possible ciphers suites" +#~ msgstr "Liste der möglichen Verschlüsselungs-Suites" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "TLS-Zertifikatüberprüfung erforderlich machen" + +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Zu verwendenden sasl-Mechanismus angeben" + +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Zu verwendende ID für sasl-Authentifizierung angeben" + +#~ msgid "Specify the sasl authorization realm to use" +#~ msgstr "Zu verwendenden Realm für sasl-Authentifizierung angeben" + +#~ msgid "Specify the minimal SSF for LDAP sasl authorization" +#~ msgstr "Gibt den minimalen SSF für die SASL-Authentifizierung über LDAP an" + +#~ msgid "Kerberos service keytab" +#~ msgstr "Schlüsseltabelle des Kerberos-Dienstes" + +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Kerberos-Authentifizierung für LDAP-Verbindung verwenden" + +#~ msgid "Follow LDAP referrals" +#~ msgstr "LDAP-Verweisen folgen" + +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "Lebensdauer von TGT für LDAP-Verbindung" + +#~ msgid "How to dereference aliases" +#~ msgstr "Dereferenzierung von Aliasen" + +#~ msgid "Service name for DNS service lookups" +#~ msgstr "Dienstname für DNS-Service-Suchanfragen" + +#~ msgid "The number of records to retrieve in a single LDAP query" +#~ msgstr "Anzahl der in einer einzelnen LDAP-Abfrage zu holenden Datensätze" + +#~ msgid "The number of members that must be missing to trigger a full deref" +#~ msgstr "" +#~ "Anzahl der Elemente, die fehlen müssen, um eine vollständige " +#~ "Dereferenzierung auszulösen" + +#~ msgid "" +#~ "Whether the LDAP library should perform a reverse lookup to canonicalize " +#~ "the host name during a SASL bind" +#~ msgstr "" +#~ "Gibt an, ob die LDAP-Bibliothek eine Rückwärtssuche ausführen soll, um " +#~ "den Rechnernamen während einer SASL-Bindung zu kanonisieren" + +#~ msgid "entryUSN attribute" +#~ msgstr "entryUSN-Attribut" + +#~ msgid "lastUSN attribute" +#~ msgstr "lastUSN-Attribut" + +#~ msgid "" +#~ "How long to retain a connection to the LDAP server before disconnecting" +#~ msgstr "" +#~ "Zeitspanne zum Halten einer Verbindung zum LDAP-Server, bis diese " +#~ "unterbrochen wird" + +#~ msgid "Disable the LDAP paging control" +#~ msgstr "LDAP-Paging-Steuerung deaktivieren" + +#~ msgid "Disable Active Directory range retrieval" +#~ msgstr "Bereichsermittlung für Active Directory deaktivieren" + +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Zeitspanne zum Warten auf eine Suchanfrage" + +#~ msgid "Length of time to wait for a enumeration request" +#~ msgstr "Zeitspanne zum Warten auf eine Auflistungsanfrage" + +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Zeitspanne zwischen Auflistungsanfragen" + +#~ msgid "Length of time between cache cleanups" +#~ msgstr "Zeitspanne zwischen den Leerungen des Zwischenspeichers" + +#~ msgid "Require TLS for ID lookups" +#~ msgstr "TLS für ID-Suchvorgänge erforderlich machen" + +#~ msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#~ msgstr "" +#~ "ID-Zuweisung von objectSID anstelle von voreingestellten IDs verwenden" + +#~ msgid "Base DN for user lookups" +#~ msgstr "Basis-DN für Benutzer-Suchanfragen" + +#~ msgid "Scope of user lookups" +#~ msgstr "Bereich für Benutzer-Suchanfragen" + +#~ msgid "Filter for user lookups" +#~ msgstr "Filter für Benutzer-Suchanfragen" + +#~ msgid "Objectclass for users" +#~ msgstr "Objektklasse für Benutzer" + +#~ msgid "Username attribute" +#~ msgstr "Benutzername-Attribut" + +#~ msgid "UID attribute" +#~ msgstr "UID-Attribut" + +#~ msgid "Primary GID attribute" +#~ msgstr "Primäres GID-Attribut" + +#~ msgid "GECOS attribute" +#~ msgstr "GECOS-Attribut" + +#~ msgid "Home directory attribute" +#~ msgstr "Home-Verzeichnis-Attribut" + +#~ msgid "Shell attribute" +#~ msgstr "Shell-Attribut" + +#~ msgid "objectSID attribute" +#~ msgstr "objectSID -Attribut" + +#~ msgid "Active Directory primary group attribute for ID-mapping" +#~ msgstr "Active-Directory-Primärgruppen-Attribut für ID-Zuweisung" + +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Principal-Attribut verwenden (für Kerberos)" + +#~ msgid "Full Name" +#~ msgstr "Vollständiger Name" + +#~ msgid "memberOf attribute" +#~ msgstr "memberOf-Attribut" + +#~ msgid "Modification time attribute" +#~ msgstr "Änderungszeit-Attribut" + +#~ msgid "shadowLastChange attribute" +#~ msgstr "shadowLastChange-attribut" + +#~ msgid "shadowMin attribute" +#~ msgstr "shadowMin-Attribut" + +#~ msgid "shadowMax attribute" +#~ msgstr "shadowMax Attribut" + +#~ msgid "shadowWarning attribute" +#~ msgstr "shadowWarning-Attribut" + +#~ msgid "shadowInactive attribute" +#~ msgstr "shadowInactive-Attribut" + +#~ msgid "shadowExpire attribute" +#~ msgstr "shadowExpire-Attribut" + +#~ msgid "shadowFlag attribute" +#~ msgstr "shadowFlag-Attribut" + +#~ msgid "Attribute listing authorized PAM services" +#~ msgstr "Attribut, welches die autorisierten PAM-Dienste auflistet" + +#~ msgid "Attribute listing authorized server hosts" +#~ msgstr "Attribut, welches die autorisierten Server-Hosts auflistet" + +#~ msgid "krbLastPwdChange attribute" +#~ msgstr "krbLastPwdChange-Attribut" + +#~ msgid "krbPasswordExpiration attribute" +#~ msgstr "krbPasswordExpiration-Attribut" + +#~ msgid "Attribute indicating that server side password policies are active" +#~ msgstr "" +#~ "Attribut, welches angibt, dass die serverseitigen Passwortregeln aktiv " +#~ "sind" + +#~ msgid "accountExpires attribute of AD" +#~ msgstr "accountExpires-Attribut von AD" + +#~ msgid "userAccountControl attribute of AD" +#~ msgstr "userAccountControl-Attribut von AD" + +#~ msgid "nsAccountLock attribute" +#~ msgstr "nsAccountLock-Attribut" + +#~ msgid "loginDisabled attribute of NDS" +#~ msgstr "loginDisabled-Attribut von NDS" + +#~ msgid "loginExpirationTime attribute of NDS" +#~ msgstr "loginExpirationTime-Attribut von NDS" + +#~ msgid "loginAllowedTimeMap attribute of NDS" +#~ msgstr "loginAllowedTimeMap-Attribut von NDS" + +#~ msgid "SSH public key attribute" +#~ msgstr "Attribut für öffentlichen SSH-Schlüssel" + +#~ msgid "A list of extra attributes to download along with the user entry" +#~ msgstr "" +#~ "Eine Liste der zusätzlich herunterzuladender Attribute zusammen mit dem " +#~ "Benutzereintrag" + +#~ msgid "Base DN for group lookups" +#~ msgstr "Basis-DN für Gruppen-Suchanfragen" + +#~ msgid "Objectclass for groups" +#~ msgstr "Objektklasse für Gruppen" + +#~ msgid "Group name" +#~ msgstr "Gruppenname" + +#~ msgid "Group password" +#~ msgstr "Gruppenpasswort" + +#~ msgid "GID attribute" +#~ msgstr "Gruppen-ID-Attribut" + +#~ msgid "Group member attribute" +#~ msgstr "Gruppen-Mitgliedschafts-Attribut" + +#~ msgid "Modification time attribute for groups" +#~ msgstr "Änderungszeit-Attribut für Gruppen" + +#~ msgid "Type of the group and other flags" +#~ msgstr "Typ der Gruppe und weitere Flags" + +#~ msgid "Base DN for netgroup lookups" +#~ msgstr "Basis-DN für Netzgruppen-Suchanfragen" + +#~ msgid "Objectclass for netgroups" +#~ msgstr "Objektklasse für Netzgruppen" + +#~ msgid "Netgroup name" +#~ msgstr "Netzgruppenname" + +#~ msgid "Netgroups members attribute" +#~ msgstr "Netzgruppen-Mitglieder-Attribut" + +#~ msgid "Netgroup triple attribute" +#~ msgstr "Netzgruppen-Tripel-Attribut" + +#~ msgid "Modification time attribute for netgroups" +#~ msgstr "Änderungszeit-Attribut für Netzgruppen" + +#~ msgid "Base DN for service lookups" +#~ msgstr "Basis-DN für Dienste-Suchanfragen" + +#~ msgid "Objectclass for services" +#~ msgstr "Objektklasse für Dienste" + +#~ msgid "Service name attribute" +#~ msgstr "Name-Attribut des Dienstes" + +#~ msgid "Service port attribute" +#~ msgstr "Port-Attribut des Dienstes" + +#~ msgid "Service protocol attribute" +#~ msgstr "Protokoll-Attribut des Dienstes" + +#~ msgid "Lower bound for ID-mapping" +#~ msgstr "Untere Grenze für ID-Zuweisung" + +#~ msgid "Upper bound for ID-mapping" +#~ msgstr "Obere Grenze für ID-Zuweisung" + +#~ msgid "Number of IDs for each slice when ID-mapping" +#~ msgstr "Anzahl der IDs für jeden Teil bei der ID-Zuweisung" + +#~ msgid "Use autorid-compatible algorithm for ID-mapping" +#~ msgstr "autorid-kompatiblen Algorithmus für ID-Zuweisung verwenden" + +#~ msgid "Name of the default domain for ID-mapping" +#~ msgstr "Name der Vorgabe-Domain für ID-Zuweisung" + +#~ msgid "SID of the default domain for ID-mapping" +#~ msgstr "SID der Vorgabedomain für ID-Zuweisung" + +#~ msgid "Whether to use Token-Groups" +#~ msgstr "Verwendung von Token-Gruppen" + +#~ msgid "Set lower boundary for allowed IDs from the LDAP server" +#~ msgstr "Untere Grenze für zulässige IDs des LDAP-Servers angeben" + +#~ msgid "Set upper boundary for allowed IDs from the LDAP server" +#~ msgstr "Obere Grenze für zulässige IDs des LDAP-Servers angeben" + +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Regel zum Ermitteln der Ablaufzeit des Passworts" + +#~ msgid "Which attributes shall be used to evaluate if an account is expired" +#~ msgstr "" +#~ "Attribute, die bei der Ermittlung verwendet werden, ob ein Konto " +#~ "abgelaufen ist" + +#~ msgid "Which rules should be used to evaluate access control" +#~ msgstr "Regeln für die Ermittlung der Zugriffskontrolle" + +#~ msgid "URI of an LDAP server where password changes are allowed" +#~ msgstr "URI eines LDAP-Servers, wo Passwortänderungen zulässig sind" + +#~ msgid "URI of a backup LDAP server where password changes are allowed" +#~ msgstr "URI eines Ersatz-LDAP-Servers, wo Passwortänderungen zulässig sind" + +#~ msgid "DNS service name for LDAP password change server" +#~ msgstr "DNS-Dienstname für den LDAP-Passwortänderungsserver" + +#~ msgid "" +#~ "Whether to update the ldap_user_shadow_last_change attribute after a " +#~ "password change" +#~ msgstr "" +#~ "Gibt an, ob das Attribut ldap_user_shadow_last_change nach einer " +#~ "Passwortänderung aktualisiert werden soll" + +#~ msgid "Base DN for sudo rules lookups" +#~ msgstr "Basis-DN für Suchanfragen nach Sudo-Regeln" + +#~ msgid "Automatic full refresh period" +#~ msgstr "Periode für automatische vollständige Aktualisierung" + +#~ msgid "Automatic smart refresh period" +#~ msgstr "Periode für bedingte vollständige Aktualisierung" + +#~ msgid "Whether to filter rules by hostname, IP addresses and network" +#~ msgstr "" +#~ "Gibt an, ob Regeln nach Hostnamen, IP-Adressen oder Netzwerken gefiltert " +#~ "werden sollen" + +#~ msgid "" +#~ "Hostnames and/or fully qualified domain names of this machine to filter " +#~ "sudo rules" +#~ msgstr "" +#~ "Hostnamen und/oder voll ausgeschriebene Domain-Namen dieses Rechners zum " +#~ "Filtern von Sudo-Regeln" + +#~ msgid "" +#~ "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +#~ msgstr "" +#~ "IPv4- oder IPv6-Adressen oder Netzwerk dieses Rechners zum Filtern von " +#~ "sudo-Regeln" + +#~ msgid "Whether to include rules that contains netgroup in host attribute" +#~ msgstr "" +#~ "Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die " +#~ "Netzgruppen enthalten" + +#~ msgid "" +#~ "Whether to include rules that contains regular expression in host " +#~ "attribute" +#~ msgstr "" +#~ "Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die " +#~ "reguläre Ausdrücke enthalten" + +#~ msgid "Object class for sudo rules" +#~ msgstr "Objektklasse für Sudo-Regeln" + +#~ msgid "Sudo rule name" +#~ msgstr "Sudo-Regelname" + +#~ msgid "Sudo rule command attribute" +#~ msgstr "Befehlsattribut der Sudo-Regel" + +#~ msgid "Sudo rule host attribute" +#~ msgstr "Host-Attribut der Sudo-Regel" + +#~ msgid "Sudo rule user attribute" +#~ msgstr "Benutzer-Attribut der Sudo-Regel" + +#~ msgid "Sudo rule option attribute" +#~ msgstr "Optionsattribut der Sudo-Regel" + +#~ msgid "Sudo rule runasuser attribute" +#~ msgstr "runasuser-Attribut der Sudo-Regel" + +#~ msgid "Sudo rule runasgroup attribute" +#~ msgstr "runasgroup-Attribut der Sudo-Regel" + +#~ msgid "Sudo rule notbefore attribute" +#~ msgstr "notbefore-Attribut der Sudo-Regel" + +#~ msgid "Sudo rule notafter attribute" +#~ msgstr "notafter-Attribut der sudo-Regel" + +#~ msgid "Sudo rule order attribute" +#~ msgstr "Reihenfolge-Attribut der Sudo-Regel" + +#~ msgid "Object class for automounter maps" +#~ msgstr "Objektklasse für Automounter-Zuweisungen" + +#~ msgid "Automounter map name attribute" +#~ msgstr "Name-Attribut der Automounter-Zuweisung" + +#~ msgid "Object class for automounter map entries" +#~ msgstr "Objektklasse für Einträge von Automounter-Zuweisungen" + +#~ msgid "Automounter map entry key attribute" +#~ msgstr "Schlüssel-Attribut des Automounter-Zuweisungseintrags" + +#~ msgid "Automounter map entry value attribute" +#~ msgstr "Wert-Attribut des Automounter-Zuweisungseintrags" + +#~ msgid "Base DN for automounter map lookups" +#~ msgstr "Basis-DN für Suchanfragen nach Automounter-Zuweisungen" + +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Durch Kommata getrennte Liste der erlaubten Benutzer" + +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Durch Kommata getrennte Liste der verbotenen Benutzer" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Vorgabeshell, /bin/bash" + +#~ msgid "Base for home directories" +#~ msgstr "Wurzel für Benutzerverzeichnisse" + +#~ msgid "The name of the NSS library to use" +#~ msgstr "Name der zu verwendenden NSS-Bibliothek" + +#~ msgid "Whether to look up canonical group name from cache if possible" +#~ msgstr "" +#~ "Gibt an, ob wenn möglich im Zwischenspeicher nach dem kanonischen " +#~ "Gruppennamen gesucht werden soll" + +#~ msgid "PAM stack to use" +#~ msgstr "Zu verwendender PAM-Stapel" diff --git a/po/es.po b/po/es.po index d5dee5ecba..915b3bf987 100644 --- a/po/es.po +++ b/po/es.po @@ -18,7 +18,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2019-08-26 09:45+0000\n" "Last-Translator: Emilio Herrera \n" "Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/" @@ -30,3023 +30,2685 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Establece el nivel de detalle del registro de depuración" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Incluir la marca de tiempo en los registros de depuración" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" -"Incluir microsegundos en la marca de tiempo en los registros de depuración" +#: src/monitor/monitor.c:2371 +msgid "Become a daemon (default)" +msgstr "Convertirse en demonio (predeterminado)" -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Escribir los mensajes de depuración a archivos log" +#: src/monitor/monitor.c:2373 +msgid "Run interactive (not a daemon)" +msgstr "Ejecutarse en forma interactiva (no un demonio)" -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "Tiempo de espera del perro guardián antes de reiniciar el servicio" +#: src/monitor/monitor.c:2376 +msgid "Disable netlink interface" +msgstr "Deshabilitar el interfaz netlink" -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Comando para iniciar el servicio" +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 +msgid "Specify a non-default config file" +msgstr "Indicar un archivo de configuración diferente al predeterminado" -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "" -"Número de veces que debe intentar la conexión con los Proveedores de Datos" +#: src/monitor/monitor.c:2380 +msgid "Refresh the configuration database, then exit" +msgstr "Refrescar la base de datos de configuración, después salir" -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" -"El número de descriptores de archivos que pueden ser abiertos por este " -"contestador" +#: src/monitor/monitor.c:2383 +msgid "Similar to --genconf, but only refreshes the given section" +msgstr "Similar a --genconf, pero solo refresca la sección dada" -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "Tiempo de inactividad antes de la desconexión automática de un cliente" +#: src/monitor/monitor.c:2386 +msgid "Print version number and exit" +msgstr "Muestra el número de versión y finaliza" -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "Tiempo de inactividad antes del apagado automático de un contestador" +#: src/monitor/monitor.c:2532 +msgid "SSSD is already running\n" +msgstr "SSSD ya está corriendo\n" -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" -"Preguntar siempre a todos los caches antes de preguntar a los Proveedores de " -"Datos" +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 +msgid "Debug level" +msgstr "Nive de depuración" -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Servicios SSSD a iniciar" +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 +msgid "Add debug timestamps" +msgstr "Agregar marcas de tiempo de depuración" -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "Dominios SSSD a iniciar" +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 +msgid "Show timestamps with microseconds" +msgstr "Mostrar marcas de tiempo con microsegundos" -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Tiempo máximo para los mensajes enviados a través de SBUS" +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 +msgid "An open file descriptor for the debug logs" +msgstr "Un arhivo abierto de descriptor para los registros de depuración" -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "" -"Expresión regular para analizar sintácticamente el nombre de usuario y " -"dominio" +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 +msgid "Send the debug output to stderr directly." +msgstr "Enviar la salida de depuración a stderr directamente." -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" -"Formato compatible con printf para mostrar nombres completamente calificados" +#: src/providers/krb5/krb5_child.c:3245 +msgid "The user to create FAST ccache as" +msgstr "El usuario para crear FAST ccache como" -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"Directorio en el sistema de archivos donde SSSD debería guardar fichero de " -"reproducción de cache de Kerberos." +#: src/providers/krb5/krb5_child.c:3247 +msgid "The group to create FAST ccache as" +msgstr "El grupo para crear FAST ccache como" -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "Dominio para añadir a los nombres sin componente de dominio" +#: src/providers/krb5/krb5_child.c:3249 +msgid "Kerberos realm to use" +msgstr "Reino Kerberos a usar" -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "El usuario a quitar privilegios" +#: src/providers/krb5/krb5_child.c:3251 +msgid "Requested lifetime of the ticket" +msgstr "Tiempo de vida pedido del ticket" -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "Ajustar la verificación del cetificado" +#: src/providers/krb5/krb5_child.c:3253 +msgid "Requested renewable lifetime of the ticket" +msgstr "Teimpo de vida renovable pedido del ticket" -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" -"Todos los espacios en los nombres de usuario o grupo serán reemplazados por " -"este caracter" +#: src/providers/krb5/krb5_child.c:3255 +msgid "FAST options ('never', 'try', 'demand')" +msgstr "Opciones FAST ('never', 'try', 'demand')" -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "Ajustar sssd para aceptar o ignorar los cambios de estados de netlink" +#: src/providers/krb5/krb5_child.c:3258 +msgid "Specifies the server principal to use for FAST" +msgstr "Especifica el servidor principal a usar por FAST" -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "Habilitar o deshabilitar el dominio implícito de archivos" +#: src/providers/krb5/krb5_child.c:3260 +msgid "Requests canonicalization of the principal name" +msgstr "Solicita la canonización del nombre principal" -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "Un orden especifico de los dominios a buscar" +#: src/providers/krb5/krb5_child.c:3262 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "Usar versión personal de krb5_get_init_creds_password" -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "Tiempo máximo (segundos) del caché de enumeración" +#: src/providers/data_provider_be.c:674 +msgid "Domain of the information provider (mandatory)" +msgstr "Dominio del proveedor de información (obligatorio)" -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" -"Tiempo máximo (segundos) de la entrada de caché a actualizar en segundo plano" +#: src/sss_client/common.c:1079 +msgid "Privileged socket has wrong ownership or permissions." +msgstr "El zócalo privilegiado posee permisos o pertenencia equivocados." -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "Tiempo máximo negativo del cache (segundos)" +#: src/sss_client/common.c:1082 +msgid "Public socket has wrong ownership or permissions." +msgstr "El zócalo público posee permisos o pertenencia equivocados." -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" -"Longitud de tiempo de espera para el cache negativo de archivos (segundos)" +#: src/sss_client/common.c:1085 +msgid "Unexpected format of the server credential message." +msgstr "Formato no esperado del mensaje de la credencial del servidor." -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Usuarios que deben ser explícitamente ignorados por SSSD" +#: src/sss_client/common.c:1088 +msgid "SSSD is not run by root." +msgstr "SSSD no está siendo ejecutado por el usuario root." -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Grupos que deben ser explícitamente ignorados por SSSD" +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "El socket SSSD no existe." -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Deben aparecer los usuarios filtrados en los grupos" +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "No se pueden obtener estadísticas del socket SSSD." -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "El valor del campo contraseña que el proveedor NSS debe devolver" +#: src/sss_client/common.c:1099 +msgid "An error occurred, but no description can be found." +msgstr "Ha ocurrido un error, pero no se ha podido encontrar una descripción." -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" +#: src/sss_client/common.c:1105 +msgid "Unexpected error while looking for an error description" msgstr "" -"Sustituye valores del directorio personal del proveedor de la identidad con " -"este valor" +"Ha ocurrido un error no esperado mientras se buscaba la descripción del error" -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" -"Sustituir el valor vacío de homedir de la identidad del proveedor con este " -"valor" +#: src/sss_client/pam_sss.c:68 +msgid "Permission denied. " +msgstr "Permiso denegado." -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" -"Sustituir el valor de shell de la identidad del proveedor por este valor" +#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 +#: src/sss_client/pam_sss.c:790 +msgid "Server message: " +msgstr "Mensaje del servidor:" -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "Lista de los usuarios de consola habilitados para registrarse" +#: src/sss_client/pam_sss.c:297 +msgid "Passwords do not match" +msgstr "Las contraseñas no coinciden" -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" -"Lista de consolas que serán vetadas, y reemplazadas por la consola de reserva" +#: src/sss_client/pam_sss.c:485 +msgid "Password reset by root is not supported." +msgstr "No existe soporte para reseteado de la contraseña por el usuario root." -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" -"Si una consola almacenada en el directorio central es permitida pero no se " -"encuentra disponible, utilice esta de reserva" +#: src/sss_client/pam_sss.c:526 +msgid "Authenticated with cached credentials" +msgstr "Autenticado mediante credenciales cacheada" -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "Shell a usar si el proveedor no lista uno" +#: src/sss_client/pam_sss.c:527 +msgid ", your cached password will expire at: " +msgstr ", su contraseña cacheada vencerá el:" -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "Cuanto serán validos en la memoria los cache los registros" +#: src/sss_client/pam_sss.c:557 +#, c-format +msgid "Your password has expired. You have %1$d grace login(s) remaining." +msgstr "Su contraseña ha expirado. Usted tiene %1$d accesos restantes." -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" -"Lista de los atributos de usuario que el contestador NSS tiene permitido " -"publicar" +#: src/sss_client/pam_sss.c:603 +#, c-format +msgid "Your password will expire in %1$d %2$s." +msgstr "Su contraseña expirará en %1$d %2$s." -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" -"Por cuánto tiempo permitir ingresos cacheados entre ingresos en línea (días)" +#: src/sss_client/pam_sss.c:652 +msgid "Authentication is denied until: " +msgstr "La autenticación ha sido denegada hasta:" -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" -"Cuantos intentos de ingreso fallidos se permiten cuando está desconectado" +#: src/sss_client/pam_sss.c:673 +msgid "System is offline, password change not possible" +msgstr "El sistema está fuera de línea, no se puede cambiar la contraseña" -#: src/config/SSSDConfig/__init__.py.in:93 +#: src/sss_client/pam_sss.c:688 msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" +"After changing the OTP password, you need to log out and back in order to " +"acquire a ticket" msgstr "" -"Cuántos minutos se denegará el ingreso después de que se alcance el máximo " -"de ingresos fallidos offline_failed_login_attempts" +"Después de cambiar la contraseña OTP, usted debe salir y volver a entrar con " +"el objetivo de fijarla" -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "Que clase de mensajes se muestran al usuario durante la autenticación" +#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 +msgid "Password change failed. " +msgstr "Falló el cambio de contraseña." -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "Filtrar las respuestas PAM enviadas al pam_sss" +#: src/sss_client/pam_sss.c:2008 +msgid "New Password: " +msgstr "Nueva contraseña: " -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" -"Cuanto segundos se mantendrá la información de identidad almacenada para " -"solicitudes de PAM" +#: src/sss_client/pam_sss.c:2009 +msgid "Reenter new Password: " +msgstr "Reingrese la contraseña nueva:" -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "Cuanto días se debe mostrar un aviso de expiración de contraseña" +#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 +msgid "First Factor: " +msgstr "Primer Factor: " -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "Lista de uids o nombres de usuario de confianza" +#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 +msgid "Second Factor (optional): " +msgstr "Segundo Factor (opcional): " -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "Lista de dominios accesibles aún para usuarios los que no se confie" +#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 +msgid "Second Factor: " +msgstr "Segundo Factor:" -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "Mensaje impreso cuando una cuenta de usuario expira" +#: src/sss_client/pam_sss.c:2190 +msgid "Password: " +msgstr "Contraseña: " -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "Mensaje impreso cuando una cuenta de usuario es bloqueada" +#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 +msgid "First Factor (Current Password): " +msgstr "Primer Factor (Contraseña Actual): " -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "Permitir el certificado basado/en autenticación Smartcard" +#: src/sss_client/pam_sss.c:2349 +msgid "Current Password: " +msgstr "Contraseña actual: " -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "Ruta a la base de datos de certificados con módulos PKCS#11." +#: src/sss_client/pam_sss.c:2704 +msgid "Password expired. Change your password now." +msgstr "La contraseña ha expirado. Modifíquela en este preciso momento." -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "Cuantos segundos esperará pam_sss a que termine p11_child" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 +#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 +#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 +#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 +#: src/tools/sss_cache.c:719 +msgid "The debug level to run with" +msgstr "Nivel de depuración en que se debe ejecutar" -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" -"Que servicios PAM tienen permitido contactar con dominios de aplicación" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 +msgid "The SSSD domain to use" +msgstr "El dominio SSSD a usar" -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "Servicios permitidos usando smartcards" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 +#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 +#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 +#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 +#: src/tools/sss_cache.c:765 +msgid "Error setting the locale\n" +msgstr "Error al poner la región\n" -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "Tiempo de espera adicional a esperar por una tarjeta si se pide" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 +msgid "Not enough memory\n" +msgstr "Nos hay suficiente memoria\n" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" -"PKCS#11 URI para restringir la selección de dispositivos para autenticación " -"Smartcard" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 +msgid "User not specified\n" +msgstr "Usuario no especificado\n" -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "Ya sea para evaluar los atributos basados en el tiempo en reglas sudo" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 +msgid "Error looking up public keys\n" +msgstr "Error buscando claves públicas\n" -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "Si cierto, SSSD volverá a la lógica de ordenación de triunfos menores" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 +msgid "The port to use to connect to the host" +msgstr "El puerto a usar para conectar al host" -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" -"Número máximo de reglas que se pueden refrescar de una vez. Si esto se " -"excede, se llevará a cabo un refresco total." +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 +msgid "Print the host ssh public keys" +msgstr "Imprimir las claves públicas ssh del host" -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" -"Si se deben picar los nombres de host y las direcciones en el archivo known-" -"hosts" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 +msgid "Invalid port\n" +msgstr "Puerto no válido\n" -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" -"Cuantos segundos mantener un host en el archivos known_host después de que " -"se haya pedido su clave de host" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 +msgid "Host not specified\n" +msgstr "Host no especificado\n" -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "Ruta al almacenamiento de los certificados CA de confianza" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 +msgid "The path to the proxy command must be absolute\n" +msgstr "La ruta al comando proxy debe ser absoluta\n" -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "sss_ssh_knownhostsproxy: Podría no resolver el nombre de host %s\n" -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" +#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 +msgid "The UID of the user" +msgstr "El UID del usuario" -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" -"Lista de UIDs o nombres de usuario que tienen permitido acceder al " -"contestador PAC" +#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 +msgid "The comment string" +msgstr "La cadena de comentarios" -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "Longitud de datos PAC considerados válidos" +#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 +msgid "Home directory" +msgstr "Directorio de inicio" -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" -"Lista de UIDs y nombres de usuarios que tienen permitido el acceso al " -"contestador InfoPipe" +#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 +msgid "Login shell" +msgstr "Shell de ingreso" -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "Lista de atributos de usuario que InforPipe tiene permitido publicar" +#: src/tools/sss_useradd.c:53 +msgid "Groups" +msgstr "Grupos" -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "El proveedor donde se almacenarán los secretos" +#: src/tools/sss_useradd.c:54 +msgid "Create user's directory if it does not exist" +msgstr "Crear el directorio del usuario si no existe" -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "El número máximo permitido de contenedores anidados" +#: src/tools/sss_useradd.c:55 +msgid "Never create user's directory, overrides config" +msgstr "" +"La opción de nunca crear el directorio del usuario, anula la configurada" -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "El número máximo de secretos que pueden ser almacenados" +#: src/tools/sss_useradd.c:56 +msgid "Specify an alternative skeleton directory" +msgstr "Debe especificar un directorio esqueleto alternativo" -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "El número máximo de secretos que puede ser almacenado por UID" +#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 +msgid "The SELinux user for user's login" +msgstr "El usuario de SELinux para el registro del usuario" -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "El tamaño de carga máxima de un secreto en kilobytes" +#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 +#: src/tools/sss_usermod.c:92 +msgid "Specify group to add to\n" +msgstr "Especifica el grupo a ser añadido\n" -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "El servidor URL Custodia está escuchando en" +#: src/tools/sss_useradd.c:111 +msgid "Specify user to add\n" +msgstr "Especifique el usuario a agregar\n" -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "El método a usar cuando se autentica en un servidor Custodia" +#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 +#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 +#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 +#: src/tools/sss_usermod.c:162 +msgid "Error initializing the tools - no local domain\n" +msgstr "Error al inicializar las herramientas - no hay dominio local\n" -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" -"El nombre de las cabeceras que se añadirán a una petición HTTP con el valor " -"definido en auth_header_value" +#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 +#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 +#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 +#: src/tools/sss_usermod.c:164 +msgid "Error initializing the tools\n" +msgstr "Error al inicializar las herramientas\n" -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "El valor que sssd-secrets debería usar para auth_header_name" +#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 +#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 +#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 +#: src/tools/sss_usermod.c:173 +msgid "Invalid domain specified in FQDN\n" +msgstr "Dominio inválido especificado en FQDN\n" -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" -"La lista de las cabeceras a enviar al servidor Custodia junto con la petición" +#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 +#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 +#: src/tools/sss_usermod.c:226 +msgid "Internal error while parsing parameters\n" +msgstr "Error interno al analizar sintácticamente los parámetros.\n" -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" -"El nombre de usuario a usar cuando se autentifica en un servidor Custodia " -"usando basic_auth" +#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 +#: src/tools/sss_usermod.c:235 +msgid "Groups must be in the same domain as user\n" +msgstr "Los grupos deben estar en el mismo dominio que el usuario\n" -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" -"La contraseña a usar cuando se autentifica en un servidor Custodia usando " -"basic_auth" +#: src/tools/sss_useradd.c:159 +#, c-format +msgid "Cannot find group %1$s in local domain\n" +msgstr "No se puede encontrar el grupo %1$s en el dominio local\n" -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" -"Si es verdadero el certificado del par es verificado si proxy_url usa " -"protocolo https" +#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 +msgid "Cannot set default values\n" +msgstr "No se pudieron establecer los valores predeterminados\n" -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" -"Si es falso el certificado del par puede contener un nombre de host " -"diferente que el proxy_url cuando se usa el protocolo https" +#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 +msgid "The selected UID is outside the allowed range\n" +msgstr "El UID seleccionado está fuera del rango permitido\n" -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" -"Ruta al directorio donde está almacenado el certificado de la autoridad de " -"certificación" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "Ruta al fichero que contiene el certificado CA del servidor" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "Ruta al fichero que contiene el certificado del cliente" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "Ruta al fichero que contiene la clave privada del cliente" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Proveedor de identidad" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Proveedor de Autenticación" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Proveedor de control de acceso" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Proveedor de cambio de contraseña" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "Proveedor de SUDO" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "Proveedor de Autofs" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "Suministrador de identidad de host" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "Proveedor SELinux" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "Proveedor de gestión de sesión" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "Si el dominio es utilizable por el SO o por las aplicaciones" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "ID mínimo de usuario" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "ID máximo de usuario" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Habilitar la enumeración de todos los usuarios/grupos" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Hacer caché de las credenciales para ingresos fuera de línea" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Mostrar los usuarios/grupos en un formato completamente calificado" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "No incluye a los miembros del grupo en las búsquedas de grupo" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Tiempo máximo de una entrada del caché (segundos)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" -"Restringir o preferir una familia de direcciones específica, cuando se " -"realicen búsquedas DNS" +#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 +msgid "Cannot set SELinux login context\n" +msgstr "No es posible definir contexto de registro de SELinux\n" -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "Por cuánto tiempo permitir ingresos cacheados luego del último (días)" +#: src/tools/sss_useradd.c:224 +msgid "Cannot get info about the user\n" +msgstr "No se pudo obtener información del usuario\n" -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" +#: src/tools/sss_useradd.c:236 +msgid "User's home directory already exists, not copying data from skeldir\n" msgstr "" -"Cuanto debería SSSD hablar con un único servidor DNS antes de intentar el " -"siguiente servidor (milisegundos)" +"El directorio de inicio del usuario ya existe, no copiar datos desde el " +"esqueleto\n" -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" -"Cuanto debería mantenerse intentando resolver una única petición DNS " -"(segundos)" +#: src/tools/sss_useradd.c:239 +#, c-format +msgid "Cannot create user's home directory: %1$s\n" +msgstr "No se puede crear el directorio home del usuario: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" -"Cantidad de tiempo (en segundos) a esperar respuestas desde DNS cuando se " -"estén resolviendo servidores" +#: src/tools/sss_useradd.c:250 +#, c-format +msgid "Cannot create user's mail spool: %1$s\n" +msgstr "No puede crear la cuenta de correo del usuario: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "La sección del dominio de la consulta para descubrir servicios DNS" +#: src/tools/sss_useradd.c:270 +msgid "Could not allocate ID for the user - domain full?\n" +msgstr "No se pudo asignar el ID para el usuario - ¿el dominio estará lleno?\n" -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "Sustituye valor GID del proveedor de la identidad con este valor" +#: src/tools/sss_useradd.c:274 +msgid "A user or group with the same name or ID already exists\n" +msgstr "Ya existe un usuario o grupo con el mismo nombre o ID\n" -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "Trate al nombre de usuario con mayúsculas y minúsculas" +#: src/tools/sss_useradd.c:280 +msgid "Transaction error. Could not add user.\n" +msgstr "Error en la transacción. No se pudo agregar el usuario.\n" -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" -"Frecuencia con la que deberían expirar las entradas refrescada en segundo " -"plano" +#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 +msgid "The GID of the group" +msgstr "El GID del grupo" -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "Que actualice automáticamente las entradas del cliente DNS" +#: src/tools/sss_groupadd.c:76 +msgid "Specify group to add\n" +msgstr "Especifique el grupo a agregar\n" -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "El TTL a aplicar a la entrada del cliente DNS después de actualizarla" +#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 +msgid "The selected GID is outside the allowed range\n" +msgstr "El GID elegido está fuera del rango permitido\n" -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" -"La interfaz cuya IP debería ser utilizada para actualizaciones DNS " -"automáticas" +#: src/tools/sss_groupadd.c:143 +msgid "Could not allocate ID for the group - domain full?\n" +msgstr "No se pudo asignar el ID para el grupo - ¿el dominio estará lleno?\n" -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" -"Frecuencia con la que actualizar periódicamente la entrada del cliente DNS" +#: src/tools/sss_groupadd.c:147 +msgid "A group with the same name or GID already exists\n" +msgstr "Ya existe un grupo con el mismo nombre o GID\n" -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" -"Si el proveedor debería explícitamente actualizar el registro PTR también" +#: src/tools/sss_groupadd.c:153 +msgid "Transaction error. Could not add group.\n" +msgstr "Error en la transacción. No se pudo agregar el grupo.\n" -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "Si la utilidad nsupdate debería utilizar por defecto TCP" +#: src/tools/sss_groupdel.c:70 +msgid "Specify group to delete\n" +msgstr "Especifique el grupo a borrar\n" -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" -"Clase de autenticación que debería ser usada para llevar a cabo una " -"actualización DNS" +#: src/tools/sss_groupdel.c:104 +#, c-format +msgid "Group %1$s is outside the defined ID range for domain\n" +msgstr "El grupo %1$s está fuera del rango de ID definidas para el dominio\n" -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" +#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 +#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 +#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 +#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 +#, c-format +msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" msgstr "" -"Borrar el servidor DNS utilizado para llevar a cabo una actualización DNS" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "Control de enumeración de los dominios de confianza" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "Frecuencia con la que la lista de subdominios es refrescada" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "Lista de las opciones que serían heredadas a un subdominio" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "Valor homedir del subdominio por defecto" +"Petición NSS fallo (%1$d). La entrada debe permanecer en la memoria cache.\n" -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" +#: src/tools/sss_groupdel.c:132 +msgid "" +"No such group in local domain. Removing groups only allowed in local " +"domain.\n" msgstr "" -"Cuanto serán usadas las credenciales en cache para la autenticación en cache" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "Ya sea para crear grupos privados para usuarios" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "Dominio IPA" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "Dirección del servidor IPA" +"No existe tal grupo en el dominio local. Eliminando los grupos que sólo se " +"permiten en el dominio local.\n" -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "Dirección del servidor de respaldo IPA" +#: src/tools/sss_groupdel.c:137 +msgid "Internal error. Could not remove group.\n" +msgstr "Error interno. No se pudo eliminar el grupo.\n" -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "Nombre de equipo del cliente IPA" +#: src/tools/sss_groupmod.c:44 +msgid "Groups to add this group to" +msgstr "Grupos a los que se debe agregar este grupo" -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" -"Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA" +#: src/tools/sss_groupmod.c:46 +msgid "Groups to remove this group from" +msgstr "Grupos desde los que se debe eliminar este grupo" -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "Búsqueda base para objetos HBAC" +#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 +msgid "Specify group to remove from\n" +msgstr "Especifica el grupo a ser eliminado de\n" -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" -"Cantidad de tiempo entre búsquedas de reglas HBAC contra el servidor IPA" +#: src/tools/sss_groupmod.c:101 +msgid "Specify group to modify\n" +msgstr "Especifique el grupo a modificar\n" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/tools/sss_groupmod.c:130 msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" +"Cannot find group in local domain, modifying groups is allowed only in local " +"domain\n" msgstr "" -"La cantidad de tiempo en segundos entre búsquedas de los mapas SELinux " -"contra el servidor IPA" +"No se pudo encontrar el grupo en el dominio local, la modificación de grupos " +"se permite sólo en el dominio local\n" -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" +#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 +msgid "Member groups must be in the same domain as parent group\n" msgstr "" -"Si se lo define en 'false', será ignorado el argumento de equipo ofrecido " -"por PAM" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "La ubicación de montaje automático que este cliente de IPA está usando" +"Los grupos miembro deben estar en el mismo dominio que el grupo padre\n" -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" +#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 +#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 +#, c-format +msgid "" +"Cannot find group %1$s in local domain, only groups in local domain are " +"allowed\n" msgstr "" -"Buscar base para el objeto que contiene información sobre el dominio IPA" +"No se puede encontrar el grupo %1$s en el dominio local, solo están " +"permitidos grupos en el dominio local\n" -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" +#: src/tools/sss_groupmod.c:257 +msgid "Could not modify group - check if member group names are correct\n" msgstr "" -"Buscar base para los objetos que contienen información sobre los rangos ID" +"No se pudo modificar el grupo - verifique si los nombre de grupo miembro son " +"los correctos\n" -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" +#: src/tools/sss_groupmod.c:261 +msgid "Could not modify group - check if groupname is correct\n" msgstr "" -"Habilita la localización de sitios DNS en base al servicio de descubrimiento" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "Buscar base para la visualización de contenedores" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "Objectclass para visualizar contenedores" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "Atributo con el nombre de la vista" +"No se pudo modificar el grupo - verifique si el nombre de grupo es correcto\n" -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "Objectclass para anular objetos" +#: src/tools/sss_groupmod.c:265 +msgid "Transaction error. Could not modify group.\n" +msgstr "Error de transacción. No se pudo modificar el grupo.\n" -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "Atributo con la referencia al objeto original" +#: src/tools/sss_groupshow.c:616 +msgid "Magic Private " +msgstr "Magia privada" -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "Objectclass para anular objetos de usuario" +#: src/tools/sss_groupshow.c:615 +#, c-format +msgid "%1$s%2$sGroup: %3$s\n" +msgstr "%1$s%2$sGroup: %3$s\n" -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "Objectclass para anular objetos de grupo" +#: src/tools/sss_groupshow.c:618 +#, c-format +msgid "%1$sGID number: %2$d\n" +msgstr "%1$sGID número: %2$d\n" -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "Base de búsqueda para objetos relacionados con Desktop Profile" +#: src/tools/sss_groupshow.c:620 +#, c-format +msgid "%1$sMember users: " +msgstr "%1$sMember usuarios: " -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/tools/sss_groupshow.c:627 +#, c-format msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" +"\n" +"%1$sIs a member of: " msgstr "" -"La cantidad de tiempo en segundos entre las búsquedas de las reglas Desktop " -"Profile contra el servidor IPA" +"\n" +"%1$sIs un miembro de: " -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/tools/sss_groupshow.c:634 +#, c-format msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" +"\n" +"%1$sMember groups: " msgstr "" -"La cantidad de tiempo en minutos entre búsquedas de reglas de Desktop " -"Profiles contra el servidor IPA cuando la última petición no ha encontrado " -"ninguna regla" +"\n" +"%1$sMember grupos: " -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "Dominio Active Directory" +#: src/tools/sss_groupshow.c:670 +msgid "Print indirect group members recursively" +msgstr "Imprime miembros de grupo indirecto en forma recursiva" -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "Habilitar dominio Active Directory" +#: src/tools/sss_groupshow.c:704 +msgid "Specify group to show\n" +msgstr "Especifica el grupo a mostrar\n" -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "Dirección del servidor Active Directory" +#: src/tools/sss_groupshow.c:744 +msgid "" +"No such group in local domain. Printing groups only allowed in local " +"domain.\n" +msgstr "" +"No existe tal grupo en el dominio local. Imprimir los grupos está permitido " +"únicamente en el dominio local.\n" -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "Dirección del servidor de respaldo Active Directory" +#: src/tools/sss_groupshow.c:749 +msgid "Internal error. Could not print group.\n" +msgstr "Error interno. No se pudo imprimir el grupo.\n" -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "Nombre de host del cliente de Active Directory" +#: src/tools/sss_userdel.c:138 +msgid "Remove home directory and mail spool" +msgstr "Eliminar el directorio de inicio y el receptor de correo" -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "Filtro LDAP para determinar privilegios de acceso" +#: src/tools/sss_userdel.c:140 +msgid "Do not remove home directory and mail spool" +msgstr "No eliminar el directorio de inicio y el receptor de correo" -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "Si se usa Global Catalog para búsquedas" +#: src/tools/sss_userdel.c:142 +msgid "Force removal of files not owned by the user" +msgstr "Forzar la eliminación de los archivos que no pertenecen al usuario" -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "Modo de operación para control de acceso basado en GPO" +#: src/tools/sss_userdel.c:144 +msgid "Kill users' processes before removing him" +msgstr "Finaliza los procesos del usuario antes de eliminarlo" -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" -"La cantidad de tiempo entre búsquedas de los ficheros de política GPO contra " -"el servidor AD" +#: src/tools/sss_userdel.c:190 +msgid "Specify user to delete\n" +msgstr "Especifique el usuario a borrar\n" -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" -"Servicio de nombres PAM que mapea a los ajustes de política GPO " -"(Deny)InteractiveLogonRight" +#: src/tools/sss_userdel.c:236 +#, c-format +msgid "User %1$s is outside the defined ID range for domain\n" +msgstr "El usuario %1$s está fuera del rango de ID definido para el dominio\n" -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" -"Servicio de nombres PAM que mapea a los ajustes de política GPO " -"(Deny)RemoteInteractiveLogonRight" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" -"Servicio de nombres PAM que mapea a los ajustes de política GPO " -"(Deny)NetworkLogonRight" +#: src/tools/sss_userdel.c:261 +msgid "Cannot reset SELinux login context\n" +msgstr "No es posible reiniciar contexto de registro de SELinux\n" -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" +#: src/tools/sss_userdel.c:273 +#, c-format +msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" msgstr "" -"Servicio de nombres PAM que mapea a los ajustes de política GPO " -"(Deny)BatchLogonRight" +"PRECAUCIÓN: El usuario (uid %1$lu) estaba todavía conectado cuando se " +"borró.\n" -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" +#: src/tools/sss_userdel.c:278 +msgid "Cannot determine if the user was logged in on this platform" msgstr "" -"Servicio de nombres PAM que mapea a los ajustes de política GPO " -"(Deny)ServiceLogonRight" +"No es posible determinar si el usuario estaba registrado en esta plataforma" -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" -"Servicio de nombres PAM por el que el acceso basado en GPO será siempre " -"alcanzado" +#: src/tools/sss_userdel.c:283 +msgid "Error while checking if the user was logged in\n" +msgstr "Error mientras se verificaba si el usuario se encontraba registrado\n" -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" -"Servicio de nombres PAM por el que el acceso basado en GPO será siempre " -"denegado" +#: src/tools/sss_userdel.c:290 +#, c-format +msgid "The post-delete command failed: %1$s\n" +msgstr "El comando post-delete falló: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" -"Derecho de acceso por defecto (o permitir/denegar) a usar por el servicio de " -"nombres PAM no mapeado" +#: src/tools/sss_userdel.c:310 +msgid "Not removing home dir - not owned by user\n" +msgstr "No eliminando el directorio de inicio - no pertenece al usuario\n" -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "un sitio concreto a ser usado por el cliente" +#: src/tools/sss_userdel.c:312 +#, c-format +msgid "Cannot remove homedir: %1$s\n" +msgstr "No se puede borrar homedir: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/tools/sss_userdel.c:326 msgid "" -"Maximum age in days before the machine account password should be renewed" +"No such user in local domain. Removing users only allowed in local domain.\n" msgstr "" -"Edad máxima en días antes de que la cuenta de contraseña debería ser renovada" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "Opción para afinar la tarea de renovación de la cuenta de la máquina" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Dirección del servidor Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "Dirección del servidor de respaldo Kerberos" +"No existe ese usuario en el dominio local. La eliminación de usuarios se " +"permite en el dominio local.\n" -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Reinado Kerberos" +#: src/tools/sss_userdel.c:331 +msgid "Internal error. Could not remove user.\n" +msgstr "Error interno. No se pudo eliminar el usuario.\n" -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Expiración de la autenticación" +#: src/tools/sss_usermod.c:49 +msgid "The GID of the user" +msgstr "El GID del Usuario" -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "Si se crean ficheros kdcinfo" +#: src/tools/sss_usermod.c:53 +msgid "Groups to add this user to" +msgstr "Grupos a los que se debe agregar este usuario" -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "Dónde soltar los fragmentos de configuración de krb5" +#: src/tools/sss_usermod.c:54 +msgid "Groups to remove this user from" +msgstr "Grupos desde los que hay que eliminar este usuario" -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Directorio donde almacenar las credenciales cacheadas" +#: src/tools/sss_usermod.c:55 +msgid "Lock the account" +msgstr "Bloquear la cuenta" -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Ubicación del caché de credenciales del usuario" +#: src/tools/sss_usermod.c:56 +msgid "Unlock the account" +msgstr "Desbloquear la cuenta" -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Ubicación de la tabla de claves para validar las credenciales" +#: src/tools/sss_usermod.c:57 +msgid "Add an attribute/value pair. The format is attrname=value." +msgstr "Añadir un par atributo/valor. El formato es nombre_atributo=valor." -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Habilitar la validación de credenciales" +#: src/tools/sss_usermod.c:58 +msgid "Delete an attribute/value pair. The format is attrname=value." +msgstr "Borrar un par atributo/valor. El formato es nombre_atributo=valor." -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" +#: src/tools/sss_usermod.c:59 +msgid "" +"Set an attribute to a name/value pair. The format is attrname=value. For " +"multi-valued attributes, the command replaces the values already present" msgstr "" -"Si se encuentra desconectado, almacena contraseñas para más tarde realizar " -"una autenticación en línea" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "ciclo de vida renovable del TGT" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "ciclo de vida del TGT" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "tiempo entre dos comprobaciones para renovación " - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "Habilita FAST" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "Selecciona el principal para su uso por FAST" +"Fijar un atributo para un par nombre/valor. El formato es " +"nombre_atributo=valor. Para atributos con múltiples valores, el comando " +"reemplaza el valor ya presente" -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "Habilita canonicalización principal" +#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 +#: src/tools/sss_usermod.c:135 +msgid "Specify the attribute name/value pair(s)\n" +msgstr "Especifique el par(es) nombre/valor\n" -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "Permite los principios de la empresa" +#: src/tools/sss_usermod.c:152 +msgid "Specify user to modify\n" +msgstr "Especifique el usuario a modificar\n" -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" +#: src/tools/sss_usermod.c:180 +msgid "" +"Cannot find user in local domain, modifying users is allowed only in local " +"domain\n" msgstr "" -"Un mapeo desde los nombres de usuario a los nombres de principal de Kerberos" +"No se pudo encontrar el usuario en el dominio local, la modificación de los " +"usuarios se permite solamente en el dominio local\n" -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" +#: src/tools/sss_usermod.c:322 +msgid "Could not modify user - check if group names are correct\n" msgstr "" -"El servidor en donde está ejecutándose el servicio de modificación de " -"contraseña, en caso de no ser KDC. " - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, El URI del servidor LDAP" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "ldap_backup_uri, La URI del servidor LDAP" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "DN base predeterminado" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "El Tipo de Esquema a usar en el servidor LDAP, rfc2307" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "Modo usado para cambiar la contraseña de usuario" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "El DN Bind predeterminado" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "El tipo del token de autenticación del DN bind predeterminado" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "El token de autenticación del DN bind predeterminado" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Tiempo durante el que se intentará la conexión" +"No se pudo modificar el usuario - verifique si los nombres de grupo son " +"correctos\n" -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Tiempo durante el que se intentará operaciones LDAP sincrónicas" +#: src/tools/sss_usermod.c:326 +msgid "Could not modify user - user already member of groups?\n" +msgstr "" +"No se pudo modificar el usuario - ¿no será ya miembro de esos grupos?\n" -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "Tiempo entre intentos de reconexión cuando esté fuera de línea" +#: src/tools/sss_usermod.c:330 +msgid "Transaction error. Could not modify user.\n" +msgstr "Error de transacción. No se pudo modificar el usuario.\n" -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "Use solo el caso superior para nombres reales" +#: src/tools/sss_cache.c:245 +msgid "No cache object matched the specified search\n" +msgstr "" +"No hay objetos en el cache que coincidan con la búsqueda especificada\n" -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Archivo que contiene los certificados CA" +#: src/tools/sss_cache.c:536 +#, c-format +msgid "Couldn't invalidate %1$s\n" +msgstr "No podría invalidar %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Ruta hacia un directorio certificado CA" +#: src/tools/sss_cache.c:543 +#, c-format +msgid "Couldn't invalidate %1$s %2$s\n" +msgstr "No podría invalidar %1$s %2$s\n" -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "Fichero que contiene el certificado de cliente" +#: src/tools/sss_cache.c:721 +msgid "Invalidate all cached entries" +msgstr "Invalidar todas las entradas en el cache" -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "Fichero que contiene la llave de cliente" +#: src/tools/sss_cache.c:723 +msgid "Invalidate particular user" +msgstr "Usuario particular invalidado" -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "Lista de posibles suites de cifrado" +#: src/tools/sss_cache.c:725 +msgid "Invalidate all users" +msgstr "Todos los usuarios invalidados" -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Requiere la verificación de certificado TLS" +#: src/tools/sss_cache.c:727 +msgid "Invalidate particular group" +msgstr "Invalidar grupo concreto" -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Especificar el mecanismo sasl a usar" +#: src/tools/sss_cache.c:729 +msgid "Invalidate all groups" +msgstr "Invalidar todos los grupos" -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Especifique el id de autorización sasl a usar" +#: src/tools/sss_cache.c:731 +msgid "Invalidate particular netgroup" +msgstr "Invalidar un grupo de red concreto" -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "Especifica el reinado de autorización sasl a ser utilizado" +#: src/tools/sss_cache.c:733 +msgid "Invalidate all netgroups" +msgstr "Invalidar todos los grupos de red" -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "Especificar los SSF mínimos para autorizaciones sasl de LDAP" +#: src/tools/sss_cache.c:735 +msgid "Invalidate particular service" +msgstr "Invalidar un servicio concreto" -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Tabla de clave del servicio Kerberos" +#: src/tools/sss_cache.c:737 +msgid "Invalidate all services" +msgstr "Invalidar todos los servicios" -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Usar auth Kerberos para la conexión LDAP" +#: src/tools/sss_cache.c:740 +msgid "Invalidate particular autofs map" +msgstr "Invalidar mapa autofs concreto" -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Seguir referencias LDAP" +#: src/tools/sss_cache.c:742 +msgid "Invalidate all autofs maps" +msgstr "Invalidar todos los mapas autofs" -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "Período de vida del TGT para la conexión LDAP" +#: src/tools/sss_cache.c:746 +msgid "Invalidate particular SSH host" +msgstr "Invalidar SSH host concreto" -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "Como eliminar aliases" +#: src/tools/sss_cache.c:748 +msgid "Invalidate all SSH hosts" +msgstr "Invalidar todos los hosts SSH" -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "Nombre de servicio para busquedas de servicios DNS" +#: src/tools/sss_cache.c:752 +msgid "Invalidate particular sudo rule" +msgstr "Invalidar una regla sudo concreta" -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "La cantidad de registros a ser obtenidos en una única consulta LDAP" +#: src/tools/sss_cache.c:754 +msgid "Invalidate all cached sudo rules" +msgstr "Invalidar todas las reglas sudo cacheadas" -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" -"La cantidad de miembros que deben faltar para desencadenar una deref completa" +#: src/tools/sss_cache.c:757 +msgid "Only invalidate entries from a particular domain" +msgstr "Solo invalidar las entradas de un dominio concreto" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/tools/sss_cache.c:811 msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" +"Unexpected argument(s) provided, options that invalidate a single object " +"only accept a single provided argument.\n" msgstr "" -"Si la Biblioteca LDAP debería realizar una búsqueda inversa para " -"canonicalizar el nombre del host durante un enlace SASL" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "atributo entryUSN" +"Se han suministrado argumento(s) no esperado, opciones que invalidan un " +"único objeto solo aceptan que se les suministre un único argumento.\n" -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "atributo lastUSN" +#: src/tools/sss_cache.c:821 +msgid "Please select at least one object to invalidate\n" +msgstr "Por favor seleccione al menos un objeto par invalidar\n" -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" +#: src/tools/sss_cache.c:904 +#, c-format +msgid "" +"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " +"use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -"El período de tiempo máximo para retener una conexión con el servidor LDAP " -"antes de desconectar" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "Deshabilita el control de paginación LDAP" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "Deshabilitar el rango de recuperación Active Directory" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Tiempo máximo a esperar un pedido de búsqueda" +"No podría abrir el dominio %1$s. Si el dominio es un subdominio (dominio " +"confiable), use el nombre totalmente cualificado en lugar de --domain/-d " +"parametro.\n" -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "periodo de espera para solicitud de enumeración" +#: src/tools/sss_cache.c:909 +msgid "Could not open available domains\n" +msgstr "No podría abrir los dominios disponibles\n" -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Tiempo en segundos entre las actualizaciones de enumeración" +#: src/tools/tools_util.c:202 +#, c-format +msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" +msgstr "El nombre '%1$s' no parece ser FQDN ('%2$s = TRUE' está fijado)\n" -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "periodo de tiempo entre borrados de la caché" +#: src/tools/tools_util.c:309 +msgid "Out of memory\n" +msgstr "Falta memoria\n" -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "Requiere TLS para búsquedas de ID" +#: src/tools/tools_util.h:40 +#, c-format +msgid "%1$s must be run as root\n" +msgstr "%1$s debe ser ejecutado como root\n" -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "Usar el mapeado ID de objectSID en lugar de las IDs preajustadas" +#: src/tools/sssctl/sssctl.c:35 +msgid "yes" +msgstr "si" -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "DN base para búsquedas de usuario" +#: src/tools/sssctl/sssctl.c:37 +msgid "no" +msgstr "no" -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Ambito de las búsquedas del usuario" +#: src/tools/sssctl/sssctl.c:39 +msgid "error" +msgstr "error" -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Filtro para las búsquedas del usuario" +#: src/tools/sssctl/sssctl.c:42 +msgid "Invalid result." +msgstr "Resultado no válido." -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Objectclass para los usuarios" +#: src/tools/sssctl/sssctl.c:78 +msgid "Unable to read user input\n" +msgstr "Incapaz de leer la entrada del usuario\n" -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Atributo Username" +#: src/tools/sssctl/sssctl.c:91 +#, c-format +msgid "Invalid input, please provide either '%s' or '%s'.\n" +msgstr "Entrada no válida, por favor suministre bien '%s' o bien '%s'.\n" -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "Atributo UID" +#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 +msgid "Error while executing external command\n" +msgstr "Error mientras se ejecutaba comando externo\n" -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Atributo GID primario" +#: src/tools/sssctl/sssctl.c:156 +msgid "SSSD needs to be running. Start SSSD now?" +msgstr "SSSD necesita estar corriendo. ¿Arrancar SSSD ahora?" -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "Atributo GECOS" +#: src/tools/sssctl/sssctl.c:195 +msgid "SSSD must not be running. Stop SSSD now?" +msgstr "SSSD no debe estar corriendo. ¿Parar SSSD ahora?" -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Atributo Directorio de inicio" +#: src/tools/sssctl/sssctl.c:231 +msgid "SSSD needs to be restarted. Restart SSSD now?" +msgstr "SSSD necesita ser reiniciado. ¿Reiniciar SSSD ahora?" -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Atributo shell" +#: src/tools/sssctl/sssctl_cache.c:31 +#, c-format +msgid " %s is not present in cache.\n" +msgstr " %s no está presente en cache.\n" -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "Atributo UUID" +#: src/tools/sssctl/sssctl_cache.c:33 +msgid "Name" +msgstr "Nombre" -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "Atributo objectSID" +#: src/tools/sssctl/sssctl_cache.c:34 +msgid "Cache entry creation date" +msgstr "Fecha de creación de la entrada cache" -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "Atributo primario del grupo Active Directory para el mapeado de ID" +#: src/tools/sssctl/sssctl_cache.c:35 +msgid "Cache entry last update time" +msgstr "Última hora de actualización de la entrada cache" -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Atributo principal del usuario (para Kerberos) " +#: src/tools/sssctl/sssctl_cache.c:36 +msgid "Cache entry expiration time" +msgstr "Tiempo de expiración de la entrada cache" -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Nombre completo" +#: src/tools/sssctl/sssctl_cache.c:37 +msgid "Cached in InfoPipe" +msgstr "Cached en InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "Atributo memberOf" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Atributo hora de modificación" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "atributo shadowLastChange" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "atributo shadowMin " - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "atributo shadowMax" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "atributo shadowWarning " - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "atributo shadowInactive " +#: src/tools/sssctl/sssctl_cache.c:522 +#, c-format +msgid "Error: Unable to get object [%d]: %s\n" +msgstr "Error: Incapaz para obtener objeto [%d]: %s\n" -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "atributo shadowExpire" +#: src/tools/sssctl/sssctl_cache.c:538 +#, c-format +msgid "%s: Unable to read value [%d]: %s\n" +msgstr "%s: Incapaz de leer el valor [%d]: %s\n" -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "atributo shadowFlag " +#: src/tools/sssctl/sssctl_cache.c:566 +msgid "Specify name." +msgstr "Especificar nombre." -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "listado de atributos de servicios PAM autorizados" +#: src/tools/sssctl/sssctl_cache.c:576 +#, c-format +msgid "Unable to parse name %s.\n" +msgstr "Incapaz de analizar el nombre %s.\n" -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "Atributo de listado de equipos de servidor autorizados" +#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 +msgid "Search by SID" +msgstr "Búsqueda por SID" -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "Atributo listando los rhosts de los servidores autorizados" +#: src/tools/sssctl/sssctl_cache.c:603 +msgid "Search by user ID" +msgstr "Búsqueda por ID de usuario" -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "atributo krbLastPwdChange " +#: src/tools/sssctl/sssctl_cache.c:612 +msgid "Initgroups expiration time" +msgstr "Tiempo de expiración de Initgroups" -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "atributo krbPasswordExpiration " +#: src/tools/sssctl/sssctl_cache.c:650 +msgid "Search by group ID" +msgstr "Búsqueda por ID de grupo" -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" +#: src/tools/sssctl/sssctl_config.c:70 +#, c-format +msgid "Failed to open %s\n" msgstr "" -"atributo indicando que las políticas de contraseña del lado del servidor " -"están activas" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "atributo accountExpires de AD" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "atributo userAccountControl de AD" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "atributo nsAccountLock " - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "loginDisabled atributo de NDS" -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "loginExpirationTime atributo de NDS" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "loginAllowedTimeMap atributo de NDS" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "Atributo de clave pública SSH" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" +#: src/tools/sssctl/sssctl_config.c:75 +#, c-format +msgid "File %1$s does not exist.\n" msgstr "" -"atributo listando los tipos de autenticación permitidos para un usuario" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "atributo conteniendo el certificado X509 del usuario" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "atributo que contiene la dirección de correo electrónico del usuario" -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" +#: src/tools/sssctl/sssctl_config.c:79 +msgid "" +"File ownership and permissions check failed. Expected root:root and 0600.\n" msgstr "" -"Una lista de los atributos extra a descargar junto con la entrada del usuario" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "DN base para busqueda de grupos" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "clase objeto para" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Nombre del grupo" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Contraseña del grupo" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "Atributo GID" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "Atributo de miembro del grupo" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "Atributo UUID de grupo" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "Atributo de modificación de tiempo para los grupos" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "Tipo del grupo y otras banderas" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "Atributo de miembro de grupo externo LDAP" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "Máximo nivel de anidamiento que seguirá SSSD" +"La propiedad del fichero y la comprobación de permisos fallaron. Se esperaba " +"root:root y 0600.\n" -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "DN base para búsquedas de grupos de red" +#: src/tools/sssctl/sssctl_config.c:85 +#, c-format +msgid "Failed to load configuration from %s.\n" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "Clases de objetos para grupos de red" +#: src/tools/sssctl/sssctl_config.c:91 +msgid "Error while reading configuration directory.\n" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "Nombre de grupo de red" +#: src/tools/sssctl/sssctl_config.c:99 +msgid "" +"There is no configuration. SSSD will use default configuration with files " +"provider.\n" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "Atributo de miembros de grupos de red" +#: src/tools/sssctl/sssctl_config.c:111 +msgid "Failed to run validators" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "Atributo triple de grupo de red" +#: src/tools/sssctl/sssctl_config.c:115 +#, c-format +msgid "Issues identified by validators: %zu\n" +msgstr "Cuestiones identificadas por los validadores: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "Atributo de modificación de tiempo para grupos de red" +#: src/tools/sssctl/sssctl_config.c:126 +#, c-format +msgid "Messages generated during configuration merging: %zu\n" +msgstr "Mensajes generados durante la configuración de la fusión: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "Base DN para servicio de búsquedas" +#: src/tools/sssctl/sssctl_config.c:137 +#, c-format +msgid "Used configuration snippet files: %zu\n" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "Clase de objeto para servicio" +#: src/tools/sssctl/sssctl_data.c:89 +#, c-format +msgid "Unable to create backup directory [%d]: %s" +msgstr "Incapaz de crear el directorio de respaldo [%d]: %s" -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "Atributo de nombre de servicio" +#: src/tools/sssctl/sssctl_data.c:95 +msgid "SSSD backup of local data already exists, override?" +msgstr "Respaldo SSSD de datos locales ya existe, ¿anular?" -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "Atributo de puerto de servicio" +#: src/tools/sssctl/sssctl_data.c:111 +msgid "Unable to export user overrides\n" +msgstr "Incapaz de exportar usuarios anulados\n" -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "Atributo de protocolo de servidor" +#: src/tools/sssctl/sssctl_data.c:118 +msgid "Unable to export group overrides\n" +msgstr "Incapaz de exportar grupos anulados\n" -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "Límite más bajo para el mapeo de ID" +#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 +msgid "Override existing backup" +msgstr "Anular respaldo existente" -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "Límite más alto para el mapeo de ID" +#: src/tools/sssctl/sssctl_data.c:164 +msgid "Unable to import user overrides\n" +msgstr "Incapaz de importar usuario anulado\n" -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "Número de IDs por cada trozo cuando se mapean ID" +#: src/tools/sssctl/sssctl_data.c:173 +msgid "Unable to import group overrides\n" +msgstr "Incapaz de importar grupo anulado\n" -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "Usar el algoritmo compatible con autorid para el mapeo de ID" +#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 +#: src/tools/sssctl/sssctl_domains.c:328 +msgid "Start SSSD if it is not running" +msgstr "Arrancar SSSD si no está corriendo" -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "Nombre del dominio por defecto para el mapeo de ID" +#: src/tools/sssctl/sssctl_data.c:195 +msgid "Restart SSSD after data import" +msgstr "Reiniciar SSSD después de la importación de datos" -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "SID del dominio por defecto para el mapeo de ID" +#: src/tools/sssctl/sssctl_data.c:218 +msgid "Create clean cache files and import local data" +msgstr "Crear limpiar ficheros cache e importar datos locales" -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "Número de trozos secundarios" +#: src/tools/sssctl/sssctl_data.c:219 +msgid "Stop SSSD before removing the cache" +msgstr "Para SSSD antes de borrar el cache" -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "Si usar Token-Groups" +#: src/tools/sssctl/sssctl_data.c:220 +msgid "Start SSSD when the cache is removed" +msgstr "Iniciar SSSD cuando se haya borrado el cache" -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "Fijar el límite más bajo de IDs permitidas desde el servidor LDAP" +#: src/tools/sssctl/sssctl_data.c:235 +msgid "Creating backup of local data...\n" +msgstr "Creando respaldo de los datos locales...\n" -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" +#: src/tools/sssctl/sssctl_data.c:238 +msgid "Unable to create backup of local data, can not remove the cache.\n" msgstr "" -"Fijar el límite más alto para las IDs permitidas desde el servidor LDAP" +"Incapaz de crear el respaldo de los datos locales, no se puede quitar el " +"cache.\n" -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "DN para consultas ppolicy" +#: src/tools/sssctl/sssctl_data.c:243 +msgid "Removing cache files...\n" +msgstr "Borrando los ficheros del cache...\n" -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "Máximas entradas a recuperar durante una solicitud de comodín" +#: src/tools/sssctl/sssctl_data.c:246 +msgid "Unable to remove cache files\n" +msgstr "Incapaz de borrar ficheros en cache\n" -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Política para evaluar el vencimiento de la contraseña" +#: src/tools/sssctl/sssctl_data.c:251 +msgid "Restoring local data...\n" +msgstr "Restaurando datos locales...\n" -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" +#: src/tools/sssctl/sssctl_domains.c:83 +msgid "Show domain list including primary or trusted domain type" msgstr "" -"Los atributos que deberán ser utilizados para evaluar si una cuenta ha " -"expirado" +"Muestra la lista de dominio incluyendo los tipos de dominios primarios y de " +"confianza" -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "Las reglas que deberían ser utilizadas para evaluar control de acceso" +#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 +#: src/tools/sssctl/sssctl_user_checks.c:95 +msgid "Unable to connect to system bus!\n" +msgstr "¡Incapaz de conectar al bus del sistema!\n" -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" -"URI de un servidor LDAP donde se permite la modificación de contraseñas" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Online" +msgstr "En línea" -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" -"URI de un servidor de respaldo LDAP donde están permitidos los cambios de " -"contraseña" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Offline" +msgstr "Fuera de línea" -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" -"Nombre del servicio DNS para el servidor de modificación de contraseñas LDAP" +#: src/tools/sssctl/sssctl_domains.c:167 +#, c-format +msgid "Online status: %s\n" +msgstr "Estado en línea: %s\n" -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" +#: src/tools/sssctl/sssctl_domains.c:213 +msgid "This domain has no active servers.\n" msgstr "" -"Si actualizar el atributo ldap_user_shadow_last_change después de un cambio " -"de contraseña" -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "Base DN para búsquedas de reglas sudo" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "Período de refresco total automático" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "Período de refresco inteligente automático" +#: src/tools/sssctl/sssctl_domains.c:218 +msgid "Active servers:\n" +msgstr "Servidores activos:\n" -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "Si filtrar la reglas por nombre de host, direcciones IP y red" +#: src/tools/sssctl/sssctl_domains.c:230 +msgid "not connected" +msgstr "no conectado" -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" +#: src/tools/sssctl/sssctl_domains.c:267 +msgid "No servers discovered.\n" msgstr "" -"Nombres de host y/o nombres de dominio totalmente cualificado de esta " -"máquina para filtrar las reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "Direcciones o red IPv4 o IPv6 de esta máquina para filtrar reglas sudo" +#: src/tools/sssctl/sssctl_domains.c:273 +#, c-format +msgid "Discovered %s servers:\n" +msgstr "Descubiertos %s servidores:\n" -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "Si incluir reglas que contienen netgroup en el atributo de host" +#: src/tools/sssctl/sssctl_domains.c:285 +msgid "None so far.\n" +msgstr "Ninguno tan lejos.\n" -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" -"Si incluir reglas que contengan expresiones regulares en el atributo de host" +#: src/tools/sssctl/sssctl_domains.c:325 +msgid "Show online status" +msgstr "Mostrar el estado en línea" -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "Objeto clase para reglas sudo" +#: src/tools/sssctl/sssctl_domains.c:326 +msgid "Show information about active server" +msgstr "Mostrar información sobre el servidor activo" -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" +#: src/tools/sssctl/sssctl_domains.c:327 +msgid "Show list of discovered servers" +msgstr "Mostrar la lista de servidores descubiertos" -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "Nombre de regla sudo" +#: src/tools/sssctl/sssctl_domains.c:333 +msgid "Specify domain name." +msgstr "Especificar el nombre de dominio." -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "Atributo de regla de comando sudo" +#: src/tools/sssctl/sssctl_domains.c:355 +msgid "Out of memory!\n" +msgstr "¡Fuera de memoria!\n" -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "Atributo de la regla host de sudo" +#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 +msgid "Unable to get online status\n" +msgstr "Incapaz de obtener el estado en línea\n" -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "Atributo de la regla usuario de sudo" +#: src/tools/sssctl/sssctl_domains.c:395 +msgid "Unable to get server list\n" +msgstr "Incapaz de obtener la lista de servidores\n" -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "Atributo de la regla opción de sudo" +#: src/tools/sssctl/sssctl_logs.c:46 +msgid "\n" +msgstr "\n" -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "Atributo runas de regla sudo" +#: src/tools/sssctl/sssctl_logs.c:236 +msgid "Delete log files instead of truncating" +msgstr "Borrar los ficheros de registro en lugar de dividirlos" -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "Atributo de la regla suda runasuser" +#: src/tools/sssctl/sssctl_logs.c:247 +msgid "Deleting log files...\n" +msgstr "Borrando ficheros de registro...\n" -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "Atributo de regla runasgroup de sudo" +#: src/tools/sssctl/sssctl_logs.c:250 +msgid "Unable to remove log files\n" +msgstr "Incapaz de borrar los ficheros de registro\n" -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "Atributo de regla notbefore de sudo" +#: src/tools/sssctl/sssctl_logs.c:256 +msgid "Truncating log files...\n" +msgstr "Truncando ficheros de registro...\n" -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "Atributo de regla noafter de sudo" +#: src/tools/sssctl/sssctl_logs.c:259 +msgid "Unable to truncate log files\n" +msgstr "Incapaz de truncar los ficheros de registro\n" -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "Atributo de regla orden de sudo" +#: src/tools/sssctl/sssctl_logs.c:285 +msgid "Out of memory!" +msgstr "¡Fuera de memoria!" -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "Objeto clase para mapas automontador" +#: src/tools/sssctl/sssctl_logs.c:288 +#, c-format +msgid "Archiving log files into %s...\n" +msgstr "Archivando ficheros de registro en %s...\n" -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "Atributo de nombre de mapa de automontador" +#: src/tools/sssctl/sssctl_logs.c:291 +msgid "Unable to archive log files\n" +msgstr "Incapaz de archivar los ficheros de registro\n" -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "Objeto clase para entradas de mapa de automontador" +#: src/tools/sssctl/sssctl_logs.c:316 +msgid "Specify debug level you want to set" +msgstr "Especifique el nivel de depuración que desea fijar" -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "Atributo de clave de entrada para mapa de automontador" +#: src/tools/sssctl/sssctl_user_checks.c:117 +msgid "SSSD InfoPipe user lookup result:\n" +msgstr "SSSD InfoPipe resultado de la búsqueda de usuario:\n" -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "Atributo de valor de entrada para mapa de automontador" +#: src/tools/sssctl/sssctl_user_checks.c:167 +#, c-format +msgid "dlopen failed with [%s].\n" +msgstr "dlopen falló con [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "Base DN para búsquedas de mapa de automontador" +#: src/tools/sssctl/sssctl_user_checks.c:174 +#, c-format +msgid "dlsym failed with [%s].\n" +msgstr "dlsym falló con with [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Lista separada por comas de usuarios autorizados" +#: src/tools/sssctl/sssctl_user_checks.c:182 +msgid "malloc failed.\n" +msgstr "malloc falló.\n" -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Lista separada por comas de usuarios prohibidos" +#: src/tools/sssctl/sssctl_user_checks.c:189 +#, c-format +msgid "sss_getpwnam_r failed with [%d].\n" +msgstr "sss_getpwnam_r falló con [%d].\n" -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Shell predeterminado, /bin/bash" +#: src/tools/sssctl/sssctl_user_checks.c:194 +msgid "SSSD nss user lookup result:\n" +msgstr "Resultado de la búsqueda de usuario SSSD nss:\n" -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Base de los directorios de inicio" +#: src/tools/sssctl/sssctl_user_checks.c:195 +#, c-format +msgid " - user name: %s\n" +msgstr " - nombre de usuario: %s\n" -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "Número de hijos proxy prefabricados" +#: src/tools/sssctl/sssctl_user_checks.c:196 +#, c-format +msgid " - user id: %d\n" +msgstr " - id de usuario: %d\n" -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "Nombre de la biblioteca NSS a usar" +#: src/tools/sssctl/sssctl_user_checks.c:197 +#, c-format +msgid " - group id: %d\n" +msgstr " - id de grupo: %d\n" -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "Si buscar el nombre canónico del grupo desde el cache si es posible" +#: src/tools/sssctl/sssctl_user_checks.c:198 +#, c-format +msgid " - gecos: %s\n" +msgstr " - gecos: %s\n" -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "Pila PAM a usar" +#: src/tools/sssctl/sssctl_user_checks.c:199 +#, c-format +msgid " - home directory: %s\n" +msgstr " - directorio home: %s\n" -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "Ruta de las fuentes del fichero passwd" +#: src/tools/sssctl/sssctl_user_checks.c:200 +#, c-format +msgid "" +" - shell: %s\n" +"\n" +msgstr "" +" - shell: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "Ruta de las fuentes del fichero group" +#: src/tools/sssctl/sssctl_user_checks.c:232 +msgid "PAM action [auth|acct|setc|chau|open|clos], default: " +msgstr "Acción PAM [auth|acct|setc|chau|open|clos], predeterminada: " -#: src/monitor/monitor.c:2355 -msgid "Become a daemon (default)" -msgstr "Convertirse en demonio (predeterminado)" +#: src/tools/sssctl/sssctl_user_checks.c:235 +msgid "PAM service, default: " +msgstr "Servicio PAM, predeterminado: " -#: src/monitor/monitor.c:2357 -msgid "Run interactive (not a daemon)" -msgstr "Ejecutarse en forma interactiva (no un demonio)" +#: src/tools/sssctl/sssctl_user_checks.c:240 +msgid "Specify user name." +msgstr "Especificar nombre de usuario." -#: src/monitor/monitor.c:2360 -msgid "Disable netlink interface" -msgstr "Deshabilitar el interfaz netlink" +#: src/tools/sssctl/sssctl_user_checks.c:247 +#, c-format +msgid "" +"user: %s\n" +"action: %s\n" +"service: %s\n" +"\n" +msgstr "" +"usuario: %s\n" +"acción: %s\n" +"servicio: %s\n" +"\n" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 -msgid "Specify a non-default config file" -msgstr "Indicar un archivo de configuración diferente al predeterminado" +#: src/tools/sssctl/sssctl_user_checks.c:252 +#, c-format +msgid "User name lookup with [%s] failed.\n" +msgstr "Búsqueda de nombre de usuario con [%s] falló.\n" -#: src/monitor/monitor.c:2364 -msgid "Refresh the configuration database, then exit" -msgstr "Refrescar la base de datos de configuración, después salir" +#: src/tools/sssctl/sssctl_user_checks.c:257 +#, c-format +msgid "InfoPipe User lookup with [%s] failed.\n" +msgstr "Búsqueda de Usuario InfoPipe con [%s] falló.\n" -#: src/monitor/monitor.c:2367 -msgid "Similar to --genconf, but only refreshes the given section" -msgstr "Similar a --genconf, pero solo refresca la sección dada" +#: src/tools/sssctl/sssctl_user_checks.c:263 +#, c-format +msgid "pam_start failed: %s\n" +msgstr "pam_start falló: %s\n" -#: src/monitor/monitor.c:2370 -msgid "Print version number and exit" -msgstr "Muestra el número de versión y finaliza" +#: src/tools/sssctl/sssctl_user_checks.c:268 +msgid "" +"testing pam_authenticate\n" +"\n" +msgstr "" +"probando pam_authenticate\n" +"\n" -#: src/monitor/monitor.c:2514 -msgid "SSSD is already running\n" -msgstr "SSSD ya está corriendo\n" +#: src/tools/sssctl/sssctl_user_checks.c:272 +#, c-format +msgid "pam_get_item failed: %s\n" +msgstr "pam_get_item falló: %s\n" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 -msgid "Debug level" -msgstr "Nive de depuración" +#: src/tools/sssctl/sssctl_user_checks.c:275 +#, c-format +msgid "" +"pam_authenticate for user [%s]: %s\n" +"\n" +msgstr "" +"pam_authenticate para usuario [%s]: %s\n" +"\n" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 -msgid "Add debug timestamps" -msgstr "Agregar marcas de tiempo de depuración" +#: src/tools/sssctl/sssctl_user_checks.c:278 +msgid "" +"testing pam_chauthtok\n" +"\n" +msgstr "" +"probando pam_chauthtok\n" +"\n" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 -msgid "Show timestamps with microseconds" -msgstr "Mostrar marcas de tiempo con microsegundos" +#: src/tools/sssctl/sssctl_user_checks.c:280 +#, c-format +msgid "" +"pam_chauthtok: %s\n" +"\n" +msgstr "" +"pam_chauthtok: %s\n" +"\n" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 -msgid "An open file descriptor for the debug logs" -msgstr "Un arhivo abierto de descriptor para los registros de depuración" +#: src/tools/sssctl/sssctl_user_checks.c:282 +msgid "" +"testing pam_acct_mgmt\n" +"\n" +msgstr "" +"probando pam_acct_mgmt\n" +"\n" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 -msgid "Send the debug output to stderr directly." -msgstr "Enviar la salida de depuración a stderr directamente." +#: src/tools/sssctl/sssctl_user_checks.c:284 +#, c-format +msgid "" +"pam_acct_mgmt: %s\n" +"\n" +msgstr "" +"pam_acct_mgmt: %s\n" +"\n" -#: src/providers/krb5/krb5_child.c:3245 -msgid "The user to create FAST ccache as" -msgstr "El usuario para crear FAST ccache como" +#: src/tools/sssctl/sssctl_user_checks.c:286 +msgid "" +"testing pam_setcred\n" +"\n" +msgstr "" +"probando pam_setcred\n" +"\n" -#: src/providers/krb5/krb5_child.c:3247 -msgid "The group to create FAST ccache as" -msgstr "El grupo para crear FAST ccache como" +#: src/tools/sssctl/sssctl_user_checks.c:288 +#, c-format +msgid "" +"pam_setcred: [%s]\n" +"\n" +msgstr "" +"pam_setcred: [%s]\n" +"\n" -#: src/providers/krb5/krb5_child.c:3249 -msgid "Kerberos realm to use" -msgstr "Reino Kerberos a usar" +#: src/tools/sssctl/sssctl_user_checks.c:290 +msgid "" +"testing pam_open_session\n" +"\n" +msgstr "" +"probando pam_open_session\n" +"\n" -#: src/providers/krb5/krb5_child.c:3251 -msgid "Requested lifetime of the ticket" -msgstr "Tiempo de vida pedido del ticket" +#: src/tools/sssctl/sssctl_user_checks.c:292 +#, c-format +msgid "" +"pam_open_session: %s\n" +"\n" +msgstr "" +"pam_open_session: %s\n" +"\n" -#: src/providers/krb5/krb5_child.c:3253 -msgid "Requested renewable lifetime of the ticket" -msgstr "Teimpo de vida renovable pedido del ticket" +#: src/tools/sssctl/sssctl_user_checks.c:294 +msgid "" +"testing pam_close_session\n" +"\n" +msgstr "" +"probando pam_close_session\n" +"\n" -#: src/providers/krb5/krb5_child.c:3255 -msgid "FAST options ('never', 'try', 'demand')" -msgstr "Opciones FAST ('never', 'try', 'demand')" +#: src/tools/sssctl/sssctl_user_checks.c:296 +#, c-format +msgid "" +"pam_close_session: %s\n" +"\n" +msgstr "" +"pam_close_session: %s\n" +"\n" -#: src/providers/krb5/krb5_child.c:3258 -msgid "Specifies the server principal to use for FAST" -msgstr "Especifica el servidor principal a usar por FAST" +#: src/tools/sssctl/sssctl_user_checks.c:298 +msgid "unknown action\n" +msgstr "acción desconocida\n" -#: src/providers/krb5/krb5_child.c:3260 -msgid "Requests canonicalization of the principal name" -msgstr "Solicita la canonización del nombre principal" +#: src/tools/sssctl/sssctl_user_checks.c:301 +msgid "PAM Environment:\n" +msgstr "Entorno PAM:\n" -#: src/providers/krb5/krb5_child.c:3262 -msgid "Use custom version of krb5_get_init_creds_password" -msgstr "Usar versión personal de krb5_get_init_creds_password" +#: src/tools/sssctl/sssctl_user_checks.c:309 +msgid " - no env -\n" +msgstr " - no env -\n" -#: src/providers/data_provider_be.c:711 -msgid "Domain of the information provider (mandatory)" -msgstr "Dominio del proveedor de información (obligatorio)" +#: src/util/util.h:82 +msgid "The user ID to run the server as" +msgstr "La ID de usuario para ejecutar el servidor como" -#: src/sss_client/common.c:1079 -msgid "Privileged socket has wrong ownership or permissions." -msgstr "El zócalo privilegiado posee permisos o pertenencia equivocados." +#: src/util/util.h:84 +msgid "The group ID to run the server as" +msgstr "La ID de grupo para ejecutar el servidor como" -#: src/sss_client/common.c:1082 -msgid "Public socket has wrong ownership or permissions." -msgstr "El zócalo público posee permisos o pertenencia equivocados." +#: src/util/util.h:92 +msgid "Informs that the responder has been socket-activated" +msgstr "Informa que el contestador ha sido socket-activated" -#: src/sss_client/common.c:1085 -msgid "Unexpected format of the server credential message." -msgstr "Formato no esperado del mensaje de la credencial del servidor." +#: src/util/util.h:94 +msgid "Informs that the responder has been dbus-activated" +msgstr "Informa que el contestador ha sido dbus-activated" -#: src/sss_client/common.c:1088 -msgid "SSSD is not run by root." -msgstr "SSSD no está siendo ejecutado por el usuario root." +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Establece el nivel de detalle del registro de depuración" -#: src/sss_client/common.c:1091 -msgid "SSSD socket does not exist." -msgstr "El socket SSSD no existe." +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Incluir la marca de tiempo en los registros de depuración" -#: src/sss_client/common.c:1094 -msgid "Cannot get stat of SSSD socket." -msgstr "No se pueden obtener estadísticas del socket SSSD." +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "" +#~ "Incluir microsegundos en la marca de tiempo en los registros de depuración" -#: src/sss_client/common.c:1099 -msgid "An error occurred, but no description can be found." -msgstr "Ha ocurrido un error, pero no se ha podido encontrar una descripción." +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Escribir los mensajes de depuración a archivos log" -#: src/sss_client/common.c:1105 -msgid "Unexpected error while looking for an error description" -msgstr "" -"Ha ocurrido un error no esperado mientras se buscaba la descripción del error" +#~ msgid "Watchdog timeout before restarting service" +#~ msgstr "Tiempo de espera del perro guardián antes de reiniciar el servicio" -#: src/sss_client/pam_sss.c:68 -msgid "Permission denied. " -msgstr "Permiso denegado." +#~ msgid "Command to start service" +#~ msgstr "Comando para iniciar el servicio" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 -#: src/sss_client/pam_sss.c:790 -msgid "Server message: " -msgstr "Mensaje del servidor:" +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "" +#~ "Número de veces que debe intentar la conexión con los Proveedores de Datos" -#: src/sss_client/pam_sss.c:297 -msgid "Passwords do not match" -msgstr "Las contraseñas no coinciden" +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "" +#~ "El número de descriptores de archivos que pueden ser abiertos por este " +#~ "contestador" -#: src/sss_client/pam_sss.c:485 -msgid "Password reset by root is not supported." -msgstr "No existe soporte para reseteado de la contraseña por el usuario root." +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "" +#~ "Tiempo de inactividad antes de la desconexión automática de un cliente" -#: src/sss_client/pam_sss.c:526 -msgid "Authenticated with cached credentials" -msgstr "Autenticado mediante credenciales cacheada" +#~ msgid "Idle time before automatic shutdown of the responder" +#~ msgstr "" +#~ "Tiempo de inactividad antes del apagado automático de un contestador" -#: src/sss_client/pam_sss.c:527 -msgid ", your cached password will expire at: " -msgstr ", su contraseña cacheada vencerá el:" +#~ msgid "Always query all the caches before querying the Data Providers" +#~ msgstr "" +#~ "Preguntar siempre a todos los caches antes de preguntar a los Proveedores " +#~ "de Datos" -#: src/sss_client/pam_sss.c:557 -#, c-format -msgid "Your password has expired. You have %1$d grace login(s) remaining." -msgstr "Su contraseña ha expirado. Usted tiene %1$d accesos restantes." +#~ msgid "SSSD Services to start" +#~ msgstr "Servicios SSSD a iniciar" -#: src/sss_client/pam_sss.c:603 -#, c-format -msgid "Your password will expire in %1$d %2$s." -msgstr "Su contraseña expirará en %1$d %2$s." +#~ msgid "SSSD Domains to start" +#~ msgstr "Dominios SSSD a iniciar" -#: src/sss_client/pam_sss.c:652 -msgid "Authentication is denied until: " -msgstr "La autenticación ha sido denegada hasta:" +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Tiempo máximo para los mensajes enviados a través de SBUS" -#: src/sss_client/pam_sss.c:673 -msgid "System is offline, password change not possible" -msgstr "El sistema está fuera de línea, no se puede cambiar la contraseña" +#~ msgid "Regex to parse username and domain" +#~ msgstr "" +#~ "Expresión regular para analizar sintácticamente el nombre de usuario y " +#~ "dominio" -#: src/sss_client/pam_sss.c:688 -msgid "" -"After changing the OTP password, you need to log out and back in order to " -"acquire a ticket" -msgstr "" -"Después de cambiar la contraseña OTP, usted debe salir y volver a entrar con " -"el objetivo de fijarla" +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "" +#~ "Formato compatible con printf para mostrar nombres completamente " +#~ "calificados" -#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 -msgid "Password change failed. " -msgstr "Falló el cambio de contraseña." +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "" +#~ "Directorio en el sistema de archivos donde SSSD debería guardar fichero " +#~ "de reproducción de cache de Kerberos." -#: src/sss_client/pam_sss.c:2008 -msgid "New Password: " -msgstr "Nueva contraseña: " +#~ msgid "Domain to add to names without a domain component." +#~ msgstr "Dominio para añadir a los nombres sin componente de dominio" -#: src/sss_client/pam_sss.c:2009 -msgid "Reenter new Password: " -msgstr "Reingrese la contraseña nueva:" +#~ msgid "The user to drop privileges to" +#~ msgstr "El usuario a quitar privilegios" -#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 -msgid "First Factor: " -msgstr "Primer Factor: " +#~ msgid "Tune certificate verification" +#~ msgstr "Ajustar la verificación del cetificado" -#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 -msgid "Second Factor (optional): " -msgstr "Segundo Factor (opcional): " +#~ msgid "" +#~ "All spaces in group or user names will be replaced with this character" +#~ msgstr "" +#~ "Todos los espacios en los nombres de usuario o grupo serán reemplazados " +#~ "por este caracter" -#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 -msgid "Second Factor: " -msgstr "Segundo Factor:" +#~ msgid "Tune sssd to honor or ignore netlink state changes" +#~ msgstr "" +#~ "Ajustar sssd para aceptar o ignorar los cambios de estados de netlink" -#: src/sss_client/pam_sss.c:2190 -msgid "Password: " -msgstr "Contraseña: " +#~ msgid "Enable or disable the implicit files domain" +#~ msgstr "Habilitar o deshabilitar el dominio implícito de archivos" -#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 -msgid "First Factor (Current Password): " -msgstr "Primer Factor (Contraseña Actual): " +#~ msgid "A specific order of the domains to be looked up" +#~ msgstr "Un orden especifico de los dominios a buscar" -#: src/sss_client/pam_sss.c:2349 -msgid "Current Password: " -msgstr "Contraseña actual: " +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "Tiempo máximo (segundos) del caché de enumeración" + +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "" +#~ "Tiempo máximo (segundos) de la entrada de caché a actualizar en segundo " +#~ "plano" -#: src/sss_client/pam_sss.c:2704 -msgid "Password expired. Change your password now." -msgstr "La contraseña ha expirado. Modifíquela en este preciso momento." +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "Tiempo máximo negativo del cache (segundos)" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 -#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 -#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 -#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:719 -msgid "The debug level to run with" -msgstr "Nivel de depuración en que se debe ejecutar" +#~ msgid "Files negative cache timeout length (seconds)" +#~ msgstr "" +#~ "Longitud de tiempo de espera para el cache negativo de archivos (segundos)" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Usuarios que deben ser explícitamente ignorados por SSSD" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 -msgid "The SSSD domain to use" -msgstr "El dominio SSSD a usar" +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Grupos que deben ser explícitamente ignorados por SSSD" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 -#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 -#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 -#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:765 -msgid "Error setting the locale\n" -msgstr "Error al poner la región\n" +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Deben aparecer los usuarios filtrados en los grupos" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 -msgid "Not enough memory\n" -msgstr "Nos hay suficiente memoria\n" +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "El valor del campo contraseña que el proveedor NSS debe devolver" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 -msgid "User not specified\n" -msgstr "Usuario no especificado\n" +#~ msgid "Override homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Sustituye valores del directorio personal del proveedor de la identidad " +#~ "con este valor" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 -msgid "Error looking up public keys\n" -msgstr "Error buscando claves públicas\n" +#~ msgid "" +#~ "Substitute empty homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Sustituir el valor vacío de homedir de la identidad del proveedor con " +#~ "este valor" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 -msgid "The port to use to connect to the host" -msgstr "El puerto a usar para conectar al host" +#~ msgid "Override shell value from the identity provider with this value" +#~ msgstr "" +#~ "Sustituir el valor de shell de la identidad del proveedor por este valor" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 -msgid "Print the host ssh public keys" -msgstr "Imprimir las claves públicas ssh del host" +#~ msgid "The list of shells users are allowed to log in with" +#~ msgstr "Lista de los usuarios de consola habilitados para registrarse" + +#~ msgid "" +#~ "The list of shells that will be vetoed, and replaced with the fallback " +#~ "shell" +#~ msgstr "" +#~ "Lista de consolas que serán vetadas, y reemplazadas por la consola de " +#~ "reserva" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 -msgid "Invalid port\n" -msgstr "Puerto no válido\n" +#~ msgid "" +#~ "If a shell stored in central directory is allowed but not available, use " +#~ "this fallback" +#~ msgstr "" +#~ "Si una consola almacenada en el directorio central es permitida pero no " +#~ "se encuentra disponible, utilice esta de reserva" + +#~ msgid "Shell to use if the provider does not list one" +#~ msgstr "Shell a usar si el proveedor no lista uno" + +#~ msgid "How long will be in-memory cache records valid" +#~ msgstr "Cuanto serán validos en la memoria los cache los registros" + +#~ msgid "List of user attributes the NSS responder is allowed to publish" +#~ msgstr "" +#~ "Lista de los atributos de usuario que el contestador NSS tiene permitido " +#~ "publicar" + +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "Por cuánto tiempo permitir ingresos cacheados entre ingresos en línea " +#~ "(días)" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "" +#~ "Cuantos intentos de ingreso fallidos se permiten cuando está desconectado" + +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Cuántos minutos se denegará el ingreso después de que se alcance el " +#~ "máximo de ingresos fallidos offline_failed_login_attempts" + +#~ msgid "" +#~ "What kind of messages are displayed to the user during authentication" +#~ msgstr "" +#~ "Que clase de mensajes se muestran al usuario durante la autenticación" + +#~ msgid "Filter PAM responses sent to the pam_sss" +#~ msgstr "Filtrar las respuestas PAM enviadas al pam_sss" + +#~ msgid "" +#~ "How many seconds to keep identity information cached for PAM requests" +#~ msgstr "" +#~ "Cuanto segundos se mantendrá la información de identidad almacenada para " +#~ "solicitudes de PAM" + +#~ msgid "" +#~ "How many days before password expiration a warning should be displayed" +#~ msgstr "Cuanto días se debe mostrar un aviso de expiración de contraseña" + +#~ msgid "List of trusted uids or user's name" +#~ msgstr "Lista de uids o nombres de usuario de confianza" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 -msgid "Host not specified\n" -msgstr "Host no especificado\n" +#~ msgid "List of domains accessible even for untrusted users." +#~ msgstr "Lista de dominios accesibles aún para usuarios los que no se confie" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 -msgid "The path to the proxy command must be absolute\n" -msgstr "La ruta al comando proxy debe ser absoluta\n" +#~ msgid "Message printed when user account is expired." +#~ msgstr "Mensaje impreso cuando una cuenta de usuario expira" + +#~ msgid "Message printed when user account is locked." +#~ msgstr "Mensaje impreso cuando una cuenta de usuario es bloqueada" + +#~ msgid "Allow certificate based/Smartcard authentication." +#~ msgstr "Permitir el certificado basado/en autenticación Smartcard" + +#~ msgid "Path to certificate database with PKCS#11 modules." +#~ msgstr "Ruta a la base de datos de certificados con módulos PKCS#11." + +#~ msgid "How many seconds will pam_sss wait for p11_child to finish" +#~ msgstr "Cuantos segundos esperará pam_sss a que termine p11_child" + +#~ msgid "Which PAM services are permitted to contact application domains" +#~ msgstr "" +#~ "Que servicios PAM tienen permitido contactar con dominios de aplicación" + +#~ msgid "Allowed services for using smartcards" +#~ msgstr "Servicios permitidos usando smartcards" + +#~ msgid "Additional timeout to wait for a card if requested" +#~ msgstr "Tiempo de espera adicional a esperar por una tarjeta si se pide" + +#~ msgid "" +#~ "PKCS#11 URI to restrict the selection of devices for Smartcard " +#~ "authentication" +#~ msgstr "" +#~ "PKCS#11 URI para restringir la selección de dispositivos para " +#~ "autenticación Smartcard" + +#~ msgid "Whether to evaluate the time-based attributes in sudo rules" +#~ msgstr "" +#~ "Ya sea para evaluar los atributos basados en el tiempo en reglas sudo" + +#~ msgid "If true, SSSD will switch back to lower-wins ordering logic" +#~ msgstr "" +#~ "Si cierto, SSSD volverá a la lógica de ordenación de triunfos menores" + +#~ msgid "" +#~ "Maximum number of rules that can be refreshed at once. If this is " +#~ "exceeded, full refresh is performed." +#~ msgstr "" +#~ "Número máximo de reglas que se pueden refrescar de una vez. Si esto se " +#~ "excede, se llevará a cabo un refresco total." + +#~ msgid "Whether to hash host names and addresses in the known_hosts file" +#~ msgstr "" +#~ "Si se deben picar los nombres de host y las direcciones en el archivo " +#~ "known-hosts" + +#~ msgid "" +#~ "How many seconds to keep a host in the known_hosts file after its host " +#~ "keys were requested" +#~ msgstr "" +#~ "Cuantos segundos mantener un host en el archivos known_host después de " +#~ "que se haya pedido su clave de host" + +#~ msgid "Path to storage of trusted CA certificates" +#~ msgstr "Ruta al almacenamiento de los certificados CA de confianza" + +#~ msgid "List of UIDs or user names allowed to access the PAC responder" +#~ msgstr "" +#~ "Lista de UIDs o nombres de usuario que tienen permitido acceder al " +#~ "contestador PAC" + +#~ msgid "How long the PAC data is considered valid" +#~ msgstr "Longitud de datos PAC considerados válidos" + +#~ msgid "List of UIDs or user names allowed to access the InfoPipe responder" +#~ msgstr "" +#~ "Lista de UIDs y nombres de usuarios que tienen permitido el acceso al " +#~ "contestador InfoPipe" + +#~ msgid "List of user attributes the InfoPipe is allowed to publish" +#~ msgstr "" +#~ "Lista de atributos de usuario que InforPipe tiene permitido publicar" + +#~ msgid "The provider where the secrets will be stored in" +#~ msgstr "El proveedor donde se almacenarán los secretos" + +#~ msgid "The maximum allowed number of nested containers" +#~ msgstr "El número máximo permitido de contenedores anidados" + +#~ msgid "The maximum number of secrets that can be stored" +#~ msgstr "El número máximo de secretos que pueden ser almacenados" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 -#, c-format -msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" -msgstr "sss_ssh_knownhostsproxy: Podría no resolver el nombre de host %s\n" +#~ msgid "The maximum number of secrets that can be stored per UID" +#~ msgstr "El número máximo de secretos que puede ser almacenado por UID" -#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 -msgid "The UID of the user" -msgstr "El UID del usuario" +#~ msgid "The maximum payload size of a secret in kilobytes" +#~ msgstr "El tamaño de carga máxima de un secreto en kilobytes" -#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 -msgid "The comment string" -msgstr "La cadena de comentarios" +#~ msgid "The URL Custodia server is listening on" +#~ msgstr "El servidor URL Custodia está escuchando en" -#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 -msgid "Home directory" -msgstr "Directorio de inicio" +#~ msgid "The method to use when authenticating to a Custodia server" +#~ msgstr "El método a usar cuando se autentica en un servidor Custodia" -#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 -msgid "Login shell" -msgstr "Shell de ingreso" +#~ msgid "" +#~ "The name of the headers that will be added into a HTTP request with the " +#~ "value defined in auth_header_value" +#~ msgstr "" +#~ "El nombre de las cabeceras que se añadirán a una petición HTTP con el " +#~ "valor definido en auth_header_value" -#: src/tools/sss_useradd.c:53 -msgid "Groups" -msgstr "Grupos" +#~ msgid "The value sssd-secrets would use for auth_header_name" +#~ msgstr "El valor que sssd-secrets debería usar para auth_header_name" -#: src/tools/sss_useradd.c:54 -msgid "Create user's directory if it does not exist" -msgstr "Crear el directorio del usuario si no existe" +#~ msgid "" +#~ "The list of the headers to forward to the Custodia server together with " +#~ "the request" +#~ msgstr "" +#~ "La lista de las cabeceras a enviar al servidor Custodia junto con la " +#~ "petición" -#: src/tools/sss_useradd.c:55 -msgid "Never create user's directory, overrides config" -msgstr "" -"La opción de nunca crear el directorio del usuario, anula la configurada" +#~ msgid "" +#~ "The username to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "" +#~ "El nombre de usuario a usar cuando se autentifica en un servidor Custodia " +#~ "usando basic_auth" + +#~ msgid "" +#~ "The password to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "" +#~ "La contraseña a usar cuando se autentifica en un servidor Custodia usando " +#~ "basic_auth" + +#~ msgid "" +#~ "If true peer's certificate is verified if proxy_url uses https protocol" +#~ msgstr "" +#~ "Si es verdadero el certificado del par es verificado si proxy_url usa " +#~ "protocolo https" + +#~ msgid "" +#~ "If false peer's certificate may contain different hostname than proxy_url " +#~ "when https protocol is used" +#~ msgstr "" +#~ "Si es falso el certificado del par puede contener un nombre de host " +#~ "diferente que el proxy_url cuando se usa el protocolo https" -#: src/tools/sss_useradd.c:56 -msgid "Specify an alternative skeleton directory" -msgstr "Debe especificar un directorio esqueleto alternativo" +#~ msgid "" +#~ "Path to directory where certificate authority certificates are stored" +#~ msgstr "" +#~ "Ruta al directorio donde está almacenado el certificado de la autoridad " +#~ "de certificación" -#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 -msgid "The SELinux user for user's login" -msgstr "El usuario de SELinux para el registro del usuario" +#~ msgid "Path to file containing server's CA certificate" +#~ msgstr "Ruta al fichero que contiene el certificado CA del servidor" -#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 -#: src/tools/sss_usermod.c:92 -msgid "Specify group to add to\n" -msgstr "Especifica el grupo a ser añadido\n" +#~ msgid "Path to file containing client's certificate" +#~ msgstr "Ruta al fichero que contiene el certificado del cliente" -#: src/tools/sss_useradd.c:111 -msgid "Specify user to add\n" -msgstr "Especifique el usuario a agregar\n" +#~ msgid "Path to file containing client's private key" +#~ msgstr "Ruta al fichero que contiene la clave privada del cliente" -#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 -#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 -#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 -#: src/tools/sss_usermod.c:162 -msgid "Error initializing the tools - no local domain\n" -msgstr "Error al inicializar las herramientas - no hay dominio local\n" +#~ msgid "Identity provider" +#~ msgstr "Proveedor de identidad" -#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 -#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 -#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 -#: src/tools/sss_usermod.c:164 -msgid "Error initializing the tools\n" -msgstr "Error al inicializar las herramientas\n" +#~ msgid "Authentication provider" +#~ msgstr "Proveedor de Autenticación" -#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 -#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 -#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 -#: src/tools/sss_usermod.c:173 -msgid "Invalid domain specified in FQDN\n" -msgstr "Dominio inválido especificado en FQDN\n" +#~ msgid "Access control provider" +#~ msgstr "Proveedor de control de acceso" -#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 -#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 -#: src/tools/sss_usermod.c:226 -msgid "Internal error while parsing parameters\n" -msgstr "Error interno al analizar sintácticamente los parámetros.\n" +#~ msgid "Password change provider" +#~ msgstr "Proveedor de cambio de contraseña" -#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 -#: src/tools/sss_usermod.c:235 -msgid "Groups must be in the same domain as user\n" -msgstr "Los grupos deben estar en el mismo dominio que el usuario\n" +#~ msgid "SUDO provider" +#~ msgstr "Proveedor de SUDO" -#: src/tools/sss_useradd.c:159 -#, c-format -msgid "Cannot find group %1$s in local domain\n" -msgstr "No se puede encontrar el grupo %1$s en el dominio local\n" +#~ msgid "Autofs provider" +#~ msgstr "Proveedor de Autofs" -#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 -msgid "Cannot set default values\n" -msgstr "No se pudieron establecer los valores predeterminados\n" +#~ msgid "Host identity provider" +#~ msgstr "Suministrador de identidad de host" -#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 -msgid "The selected UID is outside the allowed range\n" -msgstr "El UID seleccionado está fuera del rango permitido\n" +#~ msgid "SELinux provider" +#~ msgstr "Proveedor SELinux" -#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 -msgid "Cannot set SELinux login context\n" -msgstr "No es posible definir contexto de registro de SELinux\n" +#~ msgid "Session management provider" +#~ msgstr "Proveedor de gestión de sesión" -#: src/tools/sss_useradd.c:224 -msgid "Cannot get info about the user\n" -msgstr "No se pudo obtener información del usuario\n" +#~ msgid "Whether the domain is usable by the OS or by applications" +#~ msgstr "Si el dominio es utilizable por el SO o por las aplicaciones" -#: src/tools/sss_useradd.c:236 -msgid "User's home directory already exists, not copying data from skeldir\n" -msgstr "" -"El directorio de inicio del usuario ya existe, no copiar datos desde el " -"esqueleto\n" +#~ msgid "Minimum user ID" +#~ msgstr "ID mínimo de usuario" -#: src/tools/sss_useradd.c:239 -#, c-format -msgid "Cannot create user's home directory: %1$s\n" -msgstr "No se puede crear el directorio home del usuario: %1$s\n" +#~ msgid "Maximum user ID" +#~ msgstr "ID máximo de usuario" -#: src/tools/sss_useradd.c:250 -#, c-format -msgid "Cannot create user's mail spool: %1$s\n" -msgstr "No puede crear la cuenta de correo del usuario: %1$s\n" +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Habilitar la enumeración de todos los usuarios/grupos" -#: src/tools/sss_useradd.c:270 -msgid "Could not allocate ID for the user - domain full?\n" -msgstr "No se pudo asignar el ID para el usuario - ¿el dominio estará lleno?\n" +#~ msgid "Cache credentials for offline login" +#~ msgstr "Hacer caché de las credenciales para ingresos fuera de línea" -#: src/tools/sss_useradd.c:274 -msgid "A user or group with the same name or ID already exists\n" -msgstr "Ya existe un usuario o grupo con el mismo nombre o ID\n" +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Mostrar los usuarios/grupos en un formato completamente calificado" -#: src/tools/sss_useradd.c:280 -msgid "Transaction error. Could not add user.\n" -msgstr "Error en la transacción. No se pudo agregar el usuario.\n" +#~ msgid "Don't include group members in group lookups" +#~ msgstr "No incluye a los miembros del grupo en las búsquedas de grupo" -#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 -msgid "The GID of the group" -msgstr "El GID del grupo" +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Tiempo máximo de una entrada del caché (segundos)" -#: src/tools/sss_groupadd.c:76 -msgid "Specify group to add\n" -msgstr "Especifique el grupo a agregar\n" +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Restringir o preferir una familia de direcciones específica, cuando se " +#~ "realicen búsquedas DNS" -#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 -msgid "The selected GID is outside the allowed range\n" -msgstr "El GID elegido está fuera del rango permitido\n" +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Por cuánto tiempo permitir ingresos cacheados luego del último (días)" -#: src/tools/sss_groupadd.c:143 -msgid "Could not allocate ID for the group - domain full?\n" -msgstr "No se pudo asignar el ID para el grupo - ¿el dominio estará lleno?\n" +#~ msgid "" +#~ "How long should SSSD talk to single DNS server before trying next server " +#~ "(miliseconds)" +#~ msgstr "" +#~ "Cuanto debería SSSD hablar con un único servidor DNS antes de intentar el " +#~ "siguiente servidor (milisegundos)" -#: src/tools/sss_groupadd.c:147 -msgid "A group with the same name or GID already exists\n" -msgstr "Ya existe un grupo con el mismo nombre o GID\n" +#~ msgid "How long should keep trying to resolve single DNS query (seconds)" +#~ msgstr "" +#~ "Cuanto debería mantenerse intentando resolver una única petición DNS " +#~ "(segundos)" + +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "" +#~ "Cantidad de tiempo (en segundos) a esperar respuestas desde DNS cuando se " +#~ "estén resolviendo servidores" + +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "La sección del dominio de la consulta para descubrir servicios DNS" + +#~ msgid "Override GID value from the identity provider with this value" +#~ msgstr "Sustituye valor GID del proveedor de la identidad con este valor" + +#~ msgid "Treat usernames as case sensitive" +#~ msgstr "Trate al nombre de usuario con mayúsculas y minúsculas" + +#~ msgid "How often should expired entries be refreshed in background" +#~ msgstr "" +#~ "Frecuencia con la que deberían expirar las entradas refrescada en segundo " +#~ "plano" + +#~ msgid "Whether to automatically update the client's DNS entry" +#~ msgstr "Que actualice automáticamente las entradas del cliente DNS" + +#~ msgid "The TTL to apply to the client's DNS entry after updating it" +#~ msgstr "" +#~ "El TTL a aplicar a la entrada del cliente DNS después de actualizarla" + +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "" +#~ "La interfaz cuya IP debería ser utilizada para actualizaciones DNS " +#~ "automáticas" + +#~ msgid "How often to periodically update the client's DNS entry" +#~ msgstr "" +#~ "Frecuencia con la que actualizar periódicamente la entrada del cliente DNS" + +#~ msgid "Whether the provider should explicitly update the PTR record as well" +#~ msgstr "" +#~ "Si el proveedor debería explícitamente actualizar el registro PTR también" + +#~ msgid "Whether the nsupdate utility should default to using TCP" +#~ msgstr "Si la utilidad nsupdate debería utilizar por defecto TCP" + +#~ msgid "What kind of authentication should be used to perform the DNS update" +#~ msgstr "" +#~ "Clase de autenticación que debería ser usada para llevar a cabo una " +#~ "actualización DNS" + +#~ msgid "Override the DNS server used to perform the DNS update" +#~ msgstr "" +#~ "Borrar el servidor DNS utilizado para llevar a cabo una actualización DNS" + +#~ msgid "Control enumeration of trusted domains" +#~ msgstr "Control de enumeración de los dominios de confianza" + +#~ msgid "How often should subdomains list be refreshed" +#~ msgstr "Frecuencia con la que la lista de subdominios es refrescada" + +#~ msgid "List of options that should be inherited into a subdomain" +#~ msgstr "Lista de las opciones que serían heredadas a un subdominio" + +#~ msgid "Default subdomain homedir value" +#~ msgstr "Valor homedir del subdominio por defecto" + +#~ msgid "How long can cached credentials be used for cached authentication" +#~ msgstr "" +#~ "Cuanto serán usadas las credenciales en cache para la autenticación en " +#~ "cache" + +#~ msgid "Whether to automatically create private groups for users" +#~ msgstr "Ya sea para crear grupos privados para usuarios" + +#~ msgid "IPA domain" +#~ msgstr "Dominio IPA" -#: src/tools/sss_groupadd.c:153 -msgid "Transaction error. Could not add group.\n" -msgstr "Error en la transacción. No se pudo agregar el grupo.\n" +#~ msgid "IPA server address" +#~ msgstr "Dirección del servidor IPA" -#: src/tools/sss_groupdel.c:70 -msgid "Specify group to delete\n" -msgstr "Especifique el grupo a borrar\n" +#~ msgid "Address of backup IPA server" +#~ msgstr "Dirección del servidor de respaldo IPA" -#: src/tools/sss_groupdel.c:104 -#, c-format -msgid "Group %1$s is outside the defined ID range for domain\n" -msgstr "El grupo %1$s está fuera del rango de ID definidas para el dominio\n" +#~ msgid "IPA client hostname" +#~ msgstr "Nombre de equipo del cliente IPA" -#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 -#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 -#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 -#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 -#, c-format -msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" -msgstr "" -"Petición NSS fallo (%1$d). La entrada debe permanecer en la memoria cache.\n" +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "" +#~ "Si actualizar o no en forma automática la entrada DNS del cliente en " +#~ "FreeIPA" -#: src/tools/sss_groupdel.c:132 -msgid "" -"No such group in local domain. Removing groups only allowed in local " -"domain.\n" -msgstr "" -"No existe tal grupo en el dominio local. Eliminando los grupos que sólo se " -"permiten en el dominio local.\n" +#~ msgid "Search base for HBAC related objects" +#~ msgstr "Búsqueda base para objetos HBAC" -#: src/tools/sss_groupdel.c:137 -msgid "Internal error. Could not remove group.\n" -msgstr "Error interno. No se pudo eliminar el grupo.\n" +#~ msgid "" +#~ "The amount of time between lookups of the HBAC rules against the IPA " +#~ "server" +#~ msgstr "" +#~ "Cantidad de tiempo entre búsquedas de reglas HBAC contra el servidor IPA" -#: src/tools/sss_groupmod.c:44 -msgid "Groups to add this group to" -msgstr "Grupos a los que se debe agregar este grupo" +#~ msgid "" +#~ "The amount of time in seconds between lookups of the SELinux maps against " +#~ "the IPA server" +#~ msgstr "" +#~ "La cantidad de tiempo en segundos entre búsquedas de los mapas SELinux " +#~ "contra el servidor IPA" -#: src/tools/sss_groupmod.c:46 -msgid "Groups to remove this group from" -msgstr "Grupos desde los que se debe eliminar este grupo" +#~ msgid "If set to false, host argument given by PAM will be ignored" +#~ msgstr "" +#~ "Si se lo define en 'false', será ignorado el argumento de equipo ofrecido " +#~ "por PAM" -#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 -msgid "Specify group to remove from\n" -msgstr "Especifica el grupo a ser eliminado de\n" +#~ msgid "The automounter location this IPA client is using" +#~ msgstr "" +#~ "La ubicación de montaje automático que este cliente de IPA está usando" -#: src/tools/sss_groupmod.c:101 -msgid "Specify group to modify\n" -msgstr "Especifique el grupo a modificar\n" +#~ msgid "Search base for object containing info about IPA domain" +#~ msgstr "" +#~ "Buscar base para el objeto que contiene información sobre el dominio IPA" -#: src/tools/sss_groupmod.c:130 -msgid "" -"Cannot find group in local domain, modifying groups is allowed only in local " -"domain\n" -msgstr "" -"No se pudo encontrar el grupo en el dominio local, la modificación de grupos " -"se permite sólo en el dominio local\n" +#~ msgid "Search base for objects containing info about ID ranges" +#~ msgstr "" +#~ "Buscar base para los objetos que contienen información sobre los rangos ID" + +#~ msgid "Enable DNS sites - location based service discovery" +#~ msgstr "" +#~ "Habilita la localización de sitios DNS en base al servicio de " +#~ "descubrimiento" + +#~ msgid "Search base for view containers" +#~ msgstr "Buscar base para la visualización de contenedores" + +#~ msgid "Objectclass for view containers" +#~ msgstr "Objectclass para visualizar contenedores" + +#~ msgid "Attribute with the name of the view" +#~ msgstr "Atributo con el nombre de la vista" + +#~ msgid "Objectclass for override objects" +#~ msgstr "Objectclass para anular objetos" + +#~ msgid "Attribute with the reference to the original object" +#~ msgstr "Atributo con la referencia al objeto original" + +#~ msgid "Objectclass for user override objects" +#~ msgstr "Objectclass para anular objetos de usuario" + +#~ msgid "Objectclass for group override objects" +#~ msgstr "Objectclass para anular objetos de grupo" + +#~ msgid "Search base for Desktop Profile related objects" +#~ msgstr "Base de búsqueda para objetos relacionados con Desktop Profile" + +#~ msgid "" +#~ "The amount of time in seconds between lookups of the Desktop Profile " +#~ "rules against the IPA server" +#~ msgstr "" +#~ "La cantidad de tiempo en segundos entre las búsquedas de las reglas " +#~ "Desktop Profile contra el servidor IPA" + +#~ msgid "" +#~ "The amount of time in minutes between lookups of Desktop Profiles rules " +#~ "against the IPA server when the last request did not find any rule" +#~ msgstr "" +#~ "La cantidad de tiempo en minutos entre búsquedas de reglas de Desktop " +#~ "Profiles contra el servidor IPA cuando la última petición no ha " +#~ "encontrado ninguna regla" + +#~ msgid "Active Directory domain" +#~ msgstr "Dominio Active Directory" + +#~ msgid "Enabled Active Directory domains" +#~ msgstr "Habilitar dominio Active Directory" + +#~ msgid "Active Directory server address" +#~ msgstr "Dirección del servidor Active Directory" + +#~ msgid "Active Directory backup server address" +#~ msgstr "Dirección del servidor de respaldo Active Directory" + +#~ msgid "Active Directory client hostname" +#~ msgstr "Nombre de host del cliente de Active Directory" + +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "Filtro LDAP para determinar privilegios de acceso" + +#~ msgid "Whether to use the Global Catalog for lookups" +#~ msgstr "Si se usa Global Catalog para búsquedas" + +#~ msgid "Operation mode for GPO-based access control" +#~ msgstr "Modo de operación para control de acceso basado en GPO" + +#~ msgid "" +#~ "The amount of time between lookups of the GPO policy files against the AD " +#~ "server" +#~ msgstr "" +#~ "La cantidad de tiempo entre búsquedas de los ficheros de política GPO " +#~ "contra el servidor AD" + +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Servicio de nombres PAM que mapea a los ajustes de política GPO " +#~ "(Deny)InteractiveLogonRight" + +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " +#~ "policy settings" +#~ msgstr "" +#~ "Servicio de nombres PAM que mapea a los ajustes de política GPO " +#~ "(Deny)RemoteInteractiveLogonRight" -#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 -msgid "Member groups must be in the same domain as parent group\n" -msgstr "" -"Los grupos miembro deben estar en el mismo dominio que el grupo padre\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)NetworkLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Servicio de nombres PAM que mapea a los ajustes de política GPO " +#~ "(Deny)NetworkLogonRight" -#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 -#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 -#, c-format -msgid "" -"Cannot find group %1$s in local domain, only groups in local domain are " -"allowed\n" -msgstr "" -"No se puede encontrar el grupo %1$s en el dominio local, solo están " -"permitidos grupos en el dominio local\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)BatchLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Servicio de nombres PAM que mapea a los ajustes de política GPO " +#~ "(Deny)BatchLogonRight" -#: src/tools/sss_groupmod.c:257 -msgid "Could not modify group - check if member group names are correct\n" -msgstr "" -"No se pudo modificar el grupo - verifique si los nombre de grupo miembro son " -"los correctos\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)ServiceLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Servicio de nombres PAM que mapea a los ajustes de política GPO " +#~ "(Deny)ServiceLogonRight" -#: src/tools/sss_groupmod.c:261 -msgid "Could not modify group - check if groupname is correct\n" -msgstr "" -"No se pudo modificar el grupo - verifique si el nombre de grupo es correcto\n" +#~ msgid "PAM service names for which GPO-based access is always granted" +#~ msgstr "" +#~ "Servicio de nombres PAM por el que el acceso basado en GPO será siempre " +#~ "alcanzado" -#: src/tools/sss_groupmod.c:265 -msgid "Transaction error. Could not modify group.\n" -msgstr "Error de transacción. No se pudo modificar el grupo.\n" +#~ msgid "PAM service names for which GPO-based access is always denied" +#~ msgstr "" +#~ "Servicio de nombres PAM por el que el acceso basado en GPO será siempre " +#~ "denegado" -#: src/tools/sss_groupshow.c:616 -msgid "Magic Private " -msgstr "Magia privada" +#~ msgid "" +#~ "Default logon right (or permit/deny) to use for unmapped PAM service names" +#~ msgstr "" +#~ "Derecho de acceso por defecto (o permitir/denegar) a usar por el servicio " +#~ "de nombres PAM no mapeado" -#: src/tools/sss_groupshow.c:615 -#, c-format -msgid "%1$s%2$sGroup: %3$s\n" -msgstr "%1$s%2$sGroup: %3$s\n" +#~ msgid "a particular site to be used by the client" +#~ msgstr "un sitio concreto a ser usado por el cliente" -#: src/tools/sss_groupshow.c:618 -#, c-format -msgid "%1$sGID number: %2$d\n" -msgstr "%1$sGID número: %2$d\n" +#~ msgid "" +#~ "Maximum age in days before the machine account password should be renewed" +#~ msgstr "" +#~ "Edad máxima en días antes de que la cuenta de contraseña debería ser " +#~ "renovada" -#: src/tools/sss_groupshow.c:620 -#, c-format -msgid "%1$sMember users: " -msgstr "%1$sMember usuarios: " +#~ msgid "Option for tuning the machine account renewal task" +#~ msgstr "" +#~ "Opción para afinar la tarea de renovación de la cuenta de la máquina" -#: src/tools/sss_groupshow.c:627 -#, c-format -msgid "" -"\n" -"%1$sIs a member of: " -msgstr "" -"\n" -"%1$sIs un miembro de: " +#~ msgid "Kerberos server address" +#~ msgstr "Dirección del servidor Kerberos" -#: src/tools/sss_groupshow.c:634 -#, c-format -msgid "" -"\n" -"%1$sMember groups: " -msgstr "" -"\n" -"%1$sMember grupos: " +#~ msgid "Kerberos backup server address" +#~ msgstr "Dirección del servidor de respaldo Kerberos" -#: src/tools/sss_groupshow.c:670 -msgid "Print indirect group members recursively" -msgstr "Imprime miembros de grupo indirecto en forma recursiva" +#~ msgid "Kerberos realm" +#~ msgstr "Reinado Kerberos" -#: src/tools/sss_groupshow.c:704 -msgid "Specify group to show\n" -msgstr "Especifica el grupo a mostrar\n" +#~ msgid "Authentication timeout" +#~ msgstr "Expiración de la autenticación" -#: src/tools/sss_groupshow.c:744 -msgid "" -"No such group in local domain. Printing groups only allowed in local " -"domain.\n" -msgstr "" -"No existe tal grupo en el dominio local. Imprimir los grupos está permitido " -"únicamente en el dominio local.\n" +#~ msgid "Whether to create kdcinfo files" +#~ msgstr "Si se crean ficheros kdcinfo" -#: src/tools/sss_groupshow.c:749 -msgid "Internal error. Could not print group.\n" -msgstr "Error interno. No se pudo imprimir el grupo.\n" +#~ msgid "Where to drop krb5 config snippets" +#~ msgstr "Dónde soltar los fragmentos de configuración de krb5" -#: src/tools/sss_userdel.c:138 -msgid "Remove home directory and mail spool" -msgstr "Eliminar el directorio de inicio y el receptor de correo" +#~ msgid "Directory to store credential caches" +#~ msgstr "Directorio donde almacenar las credenciales cacheadas" -#: src/tools/sss_userdel.c:140 -msgid "Do not remove home directory and mail spool" -msgstr "No eliminar el directorio de inicio y el receptor de correo" +#~ msgid "Location of the user's credential cache" +#~ msgstr "Ubicación del caché de credenciales del usuario" -#: src/tools/sss_userdel.c:142 -msgid "Force removal of files not owned by the user" -msgstr "Forzar la eliminación de los archivos que no pertenecen al usuario" +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Ubicación de la tabla de claves para validar las credenciales" -#: src/tools/sss_userdel.c:144 -msgid "Kill users' processes before removing him" -msgstr "Finaliza los procesos del usuario antes de eliminarlo" +#~ msgid "Enable credential validation" +#~ msgstr "Habilitar la validación de credenciales" -#: src/tools/sss_userdel.c:190 -msgid "Specify user to delete\n" -msgstr "Especifique el usuario a borrar\n" +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "" +#~ "Si se encuentra desconectado, almacena contraseñas para más tarde " +#~ "realizar una autenticación en línea" -#: src/tools/sss_userdel.c:236 -#, c-format -msgid "User %1$s is outside the defined ID range for domain\n" -msgstr "El usuario %1$s está fuera del rango de ID definido para el dominio\n" +#~ msgid "Renewable lifetime of the TGT" +#~ msgstr "ciclo de vida renovable del TGT" -#: src/tools/sss_userdel.c:261 -msgid "Cannot reset SELinux login context\n" -msgstr "No es posible reiniciar contexto de registro de SELinux\n" +#~ msgid "Lifetime of the TGT" +#~ msgstr "ciclo de vida del TGT" -#: src/tools/sss_userdel.c:273 -#, c-format -msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" -msgstr "" -"PRECAUCIÓN: El usuario (uid %1$lu) estaba todavía conectado cuando se " -"borró.\n" +#~ msgid "Time between two checks for renewal" +#~ msgstr "tiempo entre dos comprobaciones para renovación " -#: src/tools/sss_userdel.c:278 -msgid "Cannot determine if the user was logged in on this platform" -msgstr "" -"No es posible determinar si el usuario estaba registrado en esta plataforma" +#~ msgid "Enables FAST" +#~ msgstr "Habilita FAST" -#: src/tools/sss_userdel.c:283 -msgid "Error while checking if the user was logged in\n" -msgstr "Error mientras se verificaba si el usuario se encontraba registrado\n" +#~ msgid "Selects the principal to use for FAST" +#~ msgstr "Selecciona el principal para su uso por FAST" -#: src/tools/sss_userdel.c:290 -#, c-format -msgid "The post-delete command failed: %1$s\n" -msgstr "El comando post-delete falló: %1$s\n" +#~ msgid "Enables principal canonicalization" +#~ msgstr "Habilita canonicalización principal" -#: src/tools/sss_userdel.c:310 -msgid "Not removing home dir - not owned by user\n" -msgstr "No eliminando el directorio de inicio - no pertenece al usuario\n" +#~ msgid "Enables enterprise principals" +#~ msgstr "Permite los principios de la empresa" -#: src/tools/sss_userdel.c:312 -#, c-format -msgid "Cannot remove homedir: %1$s\n" -msgstr "No se puede borrar homedir: %1$s\n" +#~ msgid "A mapping from user names to Kerberos principal names" +#~ msgstr "" +#~ "Un mapeo desde los nombres de usuario a los nombres de principal de " +#~ "Kerberos" -#: src/tools/sss_userdel.c:326 -msgid "" -"No such user in local domain. Removing users only allowed in local domain.\n" -msgstr "" -"No existe ese usuario en el dominio local. La eliminación de usuarios se " -"permite en el dominio local.\n" +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "" +#~ "El servidor en donde está ejecutándose el servicio de modificación de " +#~ "contraseña, en caso de no ser KDC. " -#: src/tools/sss_userdel.c:331 -msgid "Internal error. Could not remove user.\n" -msgstr "Error interno. No se pudo eliminar el usuario.\n" +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, El URI del servidor LDAP" -#: src/tools/sss_usermod.c:49 -msgid "The GID of the user" -msgstr "El GID del Usuario" +#~ msgid "ldap_backup_uri, The URI of the LDAP server" +#~ msgstr "ldap_backup_uri, La URI del servidor LDAP" -#: src/tools/sss_usermod.c:53 -msgid "Groups to add this user to" -msgstr "Grupos a los que se debe agregar este usuario" +#~ msgid "The default base DN" +#~ msgstr "DN base predeterminado" -#: src/tools/sss_usermod.c:54 -msgid "Groups to remove this user from" -msgstr "Grupos desde los que hay que eliminar este usuario" +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "El Tipo de Esquema a usar en el servidor LDAP, rfc2307" -#: src/tools/sss_usermod.c:55 -msgid "Lock the account" -msgstr "Bloquear la cuenta" +#~ msgid "Mode used to change user password" +#~ msgstr "Modo usado para cambiar la contraseña de usuario" -#: src/tools/sss_usermod.c:56 -msgid "Unlock the account" -msgstr "Desbloquear la cuenta" +#~ msgid "The default bind DN" +#~ msgstr "El DN Bind predeterminado" -#: src/tools/sss_usermod.c:57 -msgid "Add an attribute/value pair. The format is attrname=value." -msgstr "Añadir un par atributo/valor. El formato es nombre_atributo=valor." +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "El tipo del token de autenticación del DN bind predeterminado" -#: src/tools/sss_usermod.c:58 -msgid "Delete an attribute/value pair. The format is attrname=value." -msgstr "Borrar un par atributo/valor. El formato es nombre_atributo=valor." +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "El token de autenticación del DN bind predeterminado" -#: src/tools/sss_usermod.c:59 -msgid "" -"Set an attribute to a name/value pair. The format is attrname=value. For " -"multi-valued attributes, the command replaces the values already present" -msgstr "" -"Fijar un atributo para un par nombre/valor. El formato es " -"nombre_atributo=valor. Para atributos con múltiples valores, el comando " -"reemplaza el valor ya presente" +#~ msgid "Length of time to attempt connection" +#~ msgstr "Tiempo durante el que se intentará la conexión" -#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 -#: src/tools/sss_usermod.c:135 -msgid "Specify the attribute name/value pair(s)\n" -msgstr "Especifique el par(es) nombre/valor\n" +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Tiempo durante el que se intentará operaciones LDAP sincrónicas" -#: src/tools/sss_usermod.c:152 -msgid "Specify user to modify\n" -msgstr "Especifique el usuario a modificar\n" +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "Tiempo entre intentos de reconexión cuando esté fuera de línea" -#: src/tools/sss_usermod.c:180 -msgid "" -"Cannot find user in local domain, modifying users is allowed only in local " -"domain\n" -msgstr "" -"No se pudo encontrar el usuario en el dominio local, la modificación de los " -"usuarios se permite solamente en el dominio local\n" +#~ msgid "Use only the upper case for realm names" +#~ msgstr "Use solo el caso superior para nombres reales" -#: src/tools/sss_usermod.c:322 -msgid "Could not modify user - check if group names are correct\n" -msgstr "" -"No se pudo modificar el usuario - verifique si los nombres de grupo son " -"correctos\n" +#~ msgid "File that contains CA certificates" +#~ msgstr "Archivo que contiene los certificados CA" -#: src/tools/sss_usermod.c:326 -msgid "Could not modify user - user already member of groups?\n" -msgstr "" -"No se pudo modificar el usuario - ¿no será ya miembro de esos grupos?\n" +#~ msgid "Path to CA certificate directory" +#~ msgstr "Ruta hacia un directorio certificado CA" -#: src/tools/sss_usermod.c:330 -msgid "Transaction error. Could not modify user.\n" -msgstr "Error de transacción. No se pudo modificar el usuario.\n" +#~ msgid "File that contains the client certificate" +#~ msgstr "Fichero que contiene el certificado de cliente" -#: src/tools/sss_cache.c:245 -msgid "No cache object matched the specified search\n" -msgstr "" -"No hay objetos en el cache que coincidan con la búsqueda especificada\n" +#~ msgid "File that contains the client key" +#~ msgstr "Fichero que contiene la llave de cliente" -#: src/tools/sss_cache.c:536 -#, c-format -msgid "Couldn't invalidate %1$s\n" -msgstr "No podría invalidar %1$s\n" +#~ msgid "List of possible ciphers suites" +#~ msgstr "Lista de posibles suites de cifrado" -#: src/tools/sss_cache.c:543 -#, c-format -msgid "Couldn't invalidate %1$s %2$s\n" -msgstr "No podría invalidar %1$s %2$s\n" +#~ msgid "Require TLS certificate verification" +#~ msgstr "Requiere la verificación de certificado TLS" -#: src/tools/sss_cache.c:721 -msgid "Invalidate all cached entries" -msgstr "Invalidar todas las entradas en el cache" +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Especificar el mecanismo sasl a usar" -#: src/tools/sss_cache.c:723 -msgid "Invalidate particular user" -msgstr "Usuario particular invalidado" +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Especifique el id de autorización sasl a usar" -#: src/tools/sss_cache.c:725 -msgid "Invalidate all users" -msgstr "Todos los usuarios invalidados" +#~ msgid "Specify the sasl authorization realm to use" +#~ msgstr "Especifica el reinado de autorización sasl a ser utilizado" -#: src/tools/sss_cache.c:727 -msgid "Invalidate particular group" -msgstr "Invalidar grupo concreto" +#~ msgid "Specify the minimal SSF for LDAP sasl authorization" +#~ msgstr "Especificar los SSF mínimos para autorizaciones sasl de LDAP" -#: src/tools/sss_cache.c:729 -msgid "Invalidate all groups" -msgstr "Invalidar todos los grupos" +#~ msgid "Kerberos service keytab" +#~ msgstr "Tabla de clave del servicio Kerberos" -#: src/tools/sss_cache.c:731 -msgid "Invalidate particular netgroup" -msgstr "Invalidar un grupo de red concreto" +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Usar auth Kerberos para la conexión LDAP" -#: src/tools/sss_cache.c:733 -msgid "Invalidate all netgroups" -msgstr "Invalidar todos los grupos de red" +#~ msgid "Follow LDAP referrals" +#~ msgstr "Seguir referencias LDAP" -#: src/tools/sss_cache.c:735 -msgid "Invalidate particular service" -msgstr "Invalidar un servicio concreto" +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "Período de vida del TGT para la conexión LDAP" -#: src/tools/sss_cache.c:737 -msgid "Invalidate all services" -msgstr "Invalidar todos los servicios" +#~ msgid "How to dereference aliases" +#~ msgstr "Como eliminar aliases" -#: src/tools/sss_cache.c:740 -msgid "Invalidate particular autofs map" -msgstr "Invalidar mapa autofs concreto" +#~ msgid "Service name for DNS service lookups" +#~ msgstr "Nombre de servicio para busquedas de servicios DNS" -#: src/tools/sss_cache.c:742 -msgid "Invalidate all autofs maps" -msgstr "Invalidar todos los mapas autofs" +#~ msgid "The number of records to retrieve in a single LDAP query" +#~ msgstr "La cantidad de registros a ser obtenidos en una única consulta LDAP" -#: src/tools/sss_cache.c:746 -msgid "Invalidate particular SSH host" -msgstr "Invalidar SSH host concreto" +#~ msgid "The number of members that must be missing to trigger a full deref" +#~ msgstr "" +#~ "La cantidad de miembros que deben faltar para desencadenar una deref " +#~ "completa" -#: src/tools/sss_cache.c:748 -msgid "Invalidate all SSH hosts" -msgstr "Invalidar todos los hosts SSH" +#~ msgid "" +#~ "Whether the LDAP library should perform a reverse lookup to canonicalize " +#~ "the host name during a SASL bind" +#~ msgstr "" +#~ "Si la Biblioteca LDAP debería realizar una búsqueda inversa para " +#~ "canonicalizar el nombre del host durante un enlace SASL" -#: src/tools/sss_cache.c:752 -msgid "Invalidate particular sudo rule" -msgstr "Invalidar una regla sudo concreta" +#~ msgid "entryUSN attribute" +#~ msgstr "atributo entryUSN" -#: src/tools/sss_cache.c:754 -msgid "Invalidate all cached sudo rules" -msgstr "Invalidar todas las reglas sudo cacheadas" +#~ msgid "lastUSN attribute" +#~ msgstr "atributo lastUSN" -#: src/tools/sss_cache.c:757 -msgid "Only invalidate entries from a particular domain" -msgstr "Solo invalidar las entradas de un dominio concreto" +#~ msgid "" +#~ "How long to retain a connection to the LDAP server before disconnecting" +#~ msgstr "" +#~ "El período de tiempo máximo para retener una conexión con el servidor " +#~ "LDAP antes de desconectar" -#: src/tools/sss_cache.c:811 -msgid "" -"Unexpected argument(s) provided, options that invalidate a single object " -"only accept a single provided argument.\n" -msgstr "" -"Se han suministrado argumento(s) no esperado, opciones que invalidan un " -"único objeto solo aceptan que se les suministre un único argumento.\n" +#~ msgid "Disable the LDAP paging control" +#~ msgstr "Deshabilita el control de paginación LDAP" -#: src/tools/sss_cache.c:821 -msgid "Please select at least one object to invalidate\n" -msgstr "Por favor seleccione al menos un objeto par invalidar\n" +#~ msgid "Disable Active Directory range retrieval" +#~ msgstr "Deshabilitar el rango de recuperación Active Directory" -#: src/tools/sss_cache.c:904 -#, c-format -msgid "" -"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " -"use fully qualified name instead of --domain/-d parameter.\n" -msgstr "" -"No podría abrir el dominio %1$s. Si el dominio es un subdominio (dominio " -"confiable), use el nombre totalmente cualificado en lugar de --domain/-d " -"parametro.\n" +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Tiempo máximo a esperar un pedido de búsqueda" -#: src/tools/sss_cache.c:909 -msgid "Could not open available domains\n" -msgstr "No podría abrir los dominios disponibles\n" +#~ msgid "Length of time to wait for a enumeration request" +#~ msgstr "periodo de espera para solicitud de enumeración" -#: src/tools/tools_util.c:202 -#, c-format -msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" -msgstr "El nombre '%1$s' no parece ser FQDN ('%2$s = TRUE' está fijado)\n" +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Tiempo en segundos entre las actualizaciones de enumeración" -#: src/tools/tools_util.c:309 -msgid "Out of memory\n" -msgstr "Falta memoria\n" +#~ msgid "Length of time between cache cleanups" +#~ msgstr "periodo de tiempo entre borrados de la caché" -#: src/tools/tools_util.h:40 -#, c-format -msgid "%1$s must be run as root\n" -msgstr "%1$s debe ser ejecutado como root\n" +#~ msgid "Require TLS for ID lookups" +#~ msgstr "Requiere TLS para búsquedas de ID" -#: src/tools/sssctl/sssctl.c:35 -msgid "yes" -msgstr "si" +#~ msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#~ msgstr "Usar el mapeado ID de objectSID en lugar de las IDs preajustadas" -#: src/tools/sssctl/sssctl.c:37 -msgid "no" -msgstr "no" +#~ msgid "Base DN for user lookups" +#~ msgstr "DN base para búsquedas de usuario" -#: src/tools/sssctl/sssctl.c:39 -msgid "error" -msgstr "error" +#~ msgid "Scope of user lookups" +#~ msgstr "Ambito de las búsquedas del usuario" -#: src/tools/sssctl/sssctl.c:42 -msgid "Invalid result." -msgstr "Resultado no válido." +#~ msgid "Filter for user lookups" +#~ msgstr "Filtro para las búsquedas del usuario" -#: src/tools/sssctl/sssctl.c:78 -msgid "Unable to read user input\n" -msgstr "Incapaz de leer la entrada del usuario\n" +#~ msgid "Objectclass for users" +#~ msgstr "Objectclass para los usuarios" -#: src/tools/sssctl/sssctl.c:91 -#, c-format -msgid "Invalid input, please provide either '%s' or '%s'.\n" -msgstr "Entrada no válida, por favor suministre bien '%s' o bien '%s'.\n" +#~ msgid "Username attribute" +#~ msgstr "Atributo Username" -#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 -msgid "Error while executing external command\n" -msgstr "Error mientras se ejecutaba comando externo\n" +#~ msgid "UID attribute" +#~ msgstr "Atributo UID" -#: src/tools/sssctl/sssctl.c:156 -msgid "SSSD needs to be running. Start SSSD now?" -msgstr "SSSD necesita estar corriendo. ¿Arrancar SSSD ahora?" +#~ msgid "Primary GID attribute" +#~ msgstr "Atributo GID primario" -#: src/tools/sssctl/sssctl.c:195 -msgid "SSSD must not be running. Stop SSSD now?" -msgstr "SSSD no debe estar corriendo. ¿Parar SSSD ahora?" +#~ msgid "GECOS attribute" +#~ msgstr "Atributo GECOS" -#: src/tools/sssctl/sssctl.c:231 -msgid "SSSD needs to be restarted. Restart SSSD now?" -msgstr "SSSD necesita ser reiniciado. ¿Reiniciar SSSD ahora?" +#~ msgid "Home directory attribute" +#~ msgstr "Atributo Directorio de inicio" -#: src/tools/sssctl/sssctl_cache.c:31 -#, c-format -msgid " %s is not present in cache.\n" -msgstr " %s no está presente en cache.\n" +#~ msgid "Shell attribute" +#~ msgstr "Atributo shell" -#: src/tools/sssctl/sssctl_cache.c:33 -msgid "Name" -msgstr "Nombre" +#~ msgid "UUID attribute" +#~ msgstr "Atributo UUID" -#: src/tools/sssctl/sssctl_cache.c:34 -msgid "Cache entry creation date" -msgstr "Fecha de creación de la entrada cache" +#~ msgid "objectSID attribute" +#~ msgstr "Atributo objectSID" -#: src/tools/sssctl/sssctl_cache.c:35 -msgid "Cache entry last update time" -msgstr "Última hora de actualización de la entrada cache" +#~ msgid "Active Directory primary group attribute for ID-mapping" +#~ msgstr "Atributo primario del grupo Active Directory para el mapeado de ID" -#: src/tools/sssctl/sssctl_cache.c:36 -msgid "Cache entry expiration time" -msgstr "Tiempo de expiración de la entrada cache" +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Atributo principal del usuario (para Kerberos) " -#: src/tools/sssctl/sssctl_cache.c:37 -msgid "Cached in InfoPipe" -msgstr "Cached en InfoPipe" +#~ msgid "Full Name" +#~ msgstr "Nombre completo" -#: src/tools/sssctl/sssctl_cache.c:522 -#, c-format -msgid "Error: Unable to get object [%d]: %s\n" -msgstr "Error: Incapaz para obtener objeto [%d]: %s\n" +#~ msgid "memberOf attribute" +#~ msgstr "Atributo memberOf" -#: src/tools/sssctl/sssctl_cache.c:538 -#, c-format -msgid "%s: Unable to read value [%d]: %s\n" -msgstr "%s: Incapaz de leer el valor [%d]: %s\n" +#~ msgid "Modification time attribute" +#~ msgstr "Atributo hora de modificación" -#: src/tools/sssctl/sssctl_cache.c:566 -msgid "Specify name." -msgstr "Especificar nombre." +#~ msgid "shadowLastChange attribute" +#~ msgstr "atributo shadowLastChange" -#: src/tools/sssctl/sssctl_cache.c:576 -#, c-format -msgid "Unable to parse name %s.\n" -msgstr "Incapaz de analizar el nombre %s.\n" +#~ msgid "shadowMin attribute" +#~ msgstr "atributo shadowMin " -#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 -msgid "Search by SID" -msgstr "Búsqueda por SID" +#~ msgid "shadowMax attribute" +#~ msgstr "atributo shadowMax" -#: src/tools/sssctl/sssctl_cache.c:603 -msgid "Search by user ID" -msgstr "Búsqueda por ID de usuario" +#~ msgid "shadowWarning attribute" +#~ msgstr "atributo shadowWarning " -#: src/tools/sssctl/sssctl_cache.c:612 -msgid "Initgroups expiration time" -msgstr "Tiempo de expiración de Initgroups" +#~ msgid "shadowInactive attribute" +#~ msgstr "atributo shadowInactive " -#: src/tools/sssctl/sssctl_cache.c:650 -msgid "Search by group ID" -msgstr "Búsqueda por ID de grupo" +#~ msgid "shadowExpire attribute" +#~ msgstr "atributo shadowExpire" -#: src/tools/sssctl/sssctl_config.c:70 -#, fuzzy, c-format -msgid "Failed to open %s\n" -msgstr "Incapaz de analizar el nombre %s.\n" +#~ msgid "shadowFlag attribute" +#~ msgstr "atributo shadowFlag " -#: src/tools/sssctl/sssctl_config.c:75 -#, fuzzy, c-format -msgid "File %1$s does not exist.\n" -msgstr "El socket SSSD no existe." +#~ msgid "Attribute listing authorized PAM services" +#~ msgstr "listado de atributos de servicios PAM autorizados" -#: src/tools/sssctl/sssctl_config.c:79 -msgid "" -"File ownership and permissions check failed. Expected root:root and 0600.\n" -msgstr "" -"La propiedad del fichero y la comprobación de permisos fallaron. Se esperaba " -"root:root y 0600.\n" +#~ msgid "Attribute listing authorized server hosts" +#~ msgstr "Atributo de listado de equipos de servidor autorizados" -#: src/tools/sssctl/sssctl_config.c:85 -#, c-format -msgid "Failed to load configuration configuration from %s.\n" -msgstr "" +#~ msgid "Attribute listing authorized server rhosts" +#~ msgstr "Atributo listando los rhosts de los servidores autorizados" -#: src/tools/sssctl/sssctl_config.c:91 -msgid "Error while reading configuration directory.\n" -msgstr "" +#~ msgid "krbLastPwdChange attribute" +#~ msgstr "atributo krbLastPwdChange " -#: src/tools/sssctl/sssctl_config.c:99 -#, fuzzy -msgid "" -"There is no configuration. SSSD will use default configuration with files " -"provider.\n" -msgstr "" -"Fichero %1$s no existe. SSSD usará la configuración predeterminada con " -"ficheros del suministrador.\n" +#~ msgid "krbPasswordExpiration attribute" +#~ msgstr "atributo krbPasswordExpiration " -#: src/tools/sssctl/sssctl_config.c:111 -msgid "Failed to run validators" -msgstr "" +#~ msgid "Attribute indicating that server side password policies are active" +#~ msgstr "" +#~ "atributo indicando que las políticas de contraseña del lado del servidor " +#~ "están activas" -#: src/tools/sssctl/sssctl_config.c:115 -#, c-format -msgid "Issues identified by validators: %zu\n" -msgstr "Cuestiones identificadas por los validadores: %zu\n" +#~ msgid "accountExpires attribute of AD" +#~ msgstr "atributo accountExpires de AD" -#: src/tools/sssctl/sssctl_config.c:126 -#, c-format -msgid "Messages generated during configuration merging: %zu\n" -msgstr "Mensajes generados durante la configuración de la fusión: %zu\n" +#~ msgid "userAccountControl attribute of AD" +#~ msgstr "atributo userAccountControl de AD" -#: src/tools/sssctl/sssctl_config.c:137 -#, fuzzy, c-format -msgid "Used configuration snippet files: %zu\n" -msgstr "Configuración usada retazos de ficheros: %u\n" +#~ msgid "nsAccountLock attribute" +#~ msgstr "atributo nsAccountLock " -#: src/tools/sssctl/sssctl_data.c:89 -#, c-format -msgid "Unable to create backup directory [%d]: %s" -msgstr "Incapaz de crear el directorio de respaldo [%d]: %s" +#~ msgid "loginDisabled attribute of NDS" +#~ msgstr "loginDisabled atributo de NDS" -#: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exists, override?" -msgstr "Respaldo SSSD de datos locales ya existe, ¿anular?" +#~ msgid "loginExpirationTime attribute of NDS" +#~ msgstr "loginExpirationTime atributo de NDS" -#: src/tools/sssctl/sssctl_data.c:111 -msgid "Unable to export user overrides\n" -msgstr "Incapaz de exportar usuarios anulados\n" +#~ msgid "loginAllowedTimeMap attribute of NDS" +#~ msgstr "loginAllowedTimeMap atributo de NDS" -#: src/tools/sssctl/sssctl_data.c:118 -msgid "Unable to export group overrides\n" -msgstr "Incapaz de exportar grupos anulados\n" +#~ msgid "SSH public key attribute" +#~ msgstr "Atributo de clave pública SSH" -#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 -msgid "Override existing backup" -msgstr "Anular respaldo existente" +#~ msgid "attribute listing allowed authentication types for a user" +#~ msgstr "" +#~ "atributo listando los tipos de autenticación permitidos para un usuario" -#: src/tools/sssctl/sssctl_data.c:164 -msgid "Unable to import user overrides\n" -msgstr "Incapaz de importar usuario anulado\n" +#~ msgid "attribute containing the X509 certificate of the user" +#~ msgstr "atributo conteniendo el certificado X509 del usuario" -#: src/tools/sssctl/sssctl_data.c:173 -msgid "Unable to import group overrides\n" -msgstr "Incapaz de importar grupo anulado\n" +#~ msgid "attribute containing the email address of the user" +#~ msgstr "" +#~ "atributo que contiene la dirección de correo electrónico del usuario" -#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 -#: src/tools/sssctl/sssctl_domains.c:328 -msgid "Start SSSD if it is not running" -msgstr "Arrancar SSSD si no está corriendo" +#~ msgid "A list of extra attributes to download along with the user entry" +#~ msgstr "" +#~ "Una lista de los atributos extra a descargar junto con la entrada del " +#~ "usuario" -#: src/tools/sssctl/sssctl_data.c:195 -msgid "Restart SSSD after data import" -msgstr "Reiniciar SSSD después de la importación de datos" +#~ msgid "Base DN for group lookups" +#~ msgstr "DN base para busqueda de grupos" -#: src/tools/sssctl/sssctl_data.c:218 -msgid "Create clean cache files and import local data" -msgstr "Crear limpiar ficheros cache e importar datos locales" +#~ msgid "Objectclass for groups" +#~ msgstr "clase objeto para" -#: src/tools/sssctl/sssctl_data.c:219 -msgid "Stop SSSD before removing the cache" -msgstr "Para SSSD antes de borrar el cache" +#~ msgid "Group name" +#~ msgstr "Nombre del grupo" -#: src/tools/sssctl/sssctl_data.c:220 -msgid "Start SSSD when the cache is removed" -msgstr "Iniciar SSSD cuando se haya borrado el cache" +#~ msgid "Group password" +#~ msgstr "Contraseña del grupo" -#: src/tools/sssctl/sssctl_data.c:235 -msgid "Creating backup of local data...\n" -msgstr "Creando respaldo de los datos locales...\n" +#~ msgid "GID attribute" +#~ msgstr "Atributo GID" -#: src/tools/sssctl/sssctl_data.c:238 -msgid "Unable to create backup of local data, can not remove the cache.\n" -msgstr "" -"Incapaz de crear el respaldo de los datos locales, no se puede quitar el " -"cache.\n" +#~ msgid "Group member attribute" +#~ msgstr "Atributo de miembro del grupo" -#: src/tools/sssctl/sssctl_data.c:243 -msgid "Removing cache files...\n" -msgstr "Borrando los ficheros del cache...\n" +#~ msgid "Group UUID attribute" +#~ msgstr "Atributo UUID de grupo" -#: src/tools/sssctl/sssctl_data.c:246 -msgid "Unable to remove cache files\n" -msgstr "Incapaz de borrar ficheros en cache\n" +#~ msgid "Modification time attribute for groups" +#~ msgstr "Atributo de modificación de tiempo para los grupos" -#: src/tools/sssctl/sssctl_data.c:251 -msgid "Restoring local data...\n" -msgstr "Restaurando datos locales...\n" +#~ msgid "Type of the group and other flags" +#~ msgstr "Tipo del grupo y otras banderas" -#: src/tools/sssctl/sssctl_domains.c:83 -msgid "Show domain list including primary or trusted domain type" -msgstr "" -"Muestra la lista de dominio incluyendo los tipos de dominios primarios y de " -"confianza" +#~ msgid "The LDAP group external member attribute" +#~ msgstr "Atributo de miembro de grupo externo LDAP" -#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 -#: src/tools/sssctl/sssctl_user_checks.c:95 -msgid "Unable to connect to system bus!\n" -msgstr "¡Incapaz de conectar al bus del sistema!\n" +#~ msgid "Maximum nesting level SSSD will follow" +#~ msgstr "Máximo nivel de anidamiento que seguirá SSSD" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Online" -msgstr "En línea" +#~ msgid "Base DN for netgroup lookups" +#~ msgstr "DN base para búsquedas de grupos de red" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Offline" -msgstr "Fuera de línea" +#~ msgid "Objectclass for netgroups" +#~ msgstr "Clases de objetos para grupos de red" -#: src/tools/sssctl/sssctl_domains.c:167 -#, c-format -msgid "Online status: %s\n" -msgstr "Estado en línea: %s\n" +#~ msgid "Netgroup name" +#~ msgstr "Nombre de grupo de red" -#: src/tools/sssctl/sssctl_domains.c:213 -#, fuzzy -msgid "This domain has no active servers.\n" -msgstr "Mostrar información sobre el servidor activo" +#~ msgid "Netgroups members attribute" +#~ msgstr "Atributo de miembros de grupos de red" -#: src/tools/sssctl/sssctl_domains.c:218 -msgid "Active servers:\n" -msgstr "Servidores activos:\n" +#~ msgid "Netgroup triple attribute" +#~ msgstr "Atributo triple de grupo de red" -#: src/tools/sssctl/sssctl_domains.c:230 -msgid "not connected" -msgstr "no conectado" +#~ msgid "Modification time attribute for netgroups" +#~ msgstr "Atributo de modificación de tiempo para grupos de red" -#: src/tools/sssctl/sssctl_domains.c:267 -msgid "No servers discovered.\n" -msgstr "" +#~ msgid "Base DN for service lookups" +#~ msgstr "Base DN para servicio de búsquedas" -#: src/tools/sssctl/sssctl_domains.c:273 -#, c-format -msgid "Discovered %s servers:\n" -msgstr "Descubiertos %s servidores:\n" +#~ msgid "Objectclass for services" +#~ msgstr "Clase de objeto para servicio" -#: src/tools/sssctl/sssctl_domains.c:285 -msgid "None so far.\n" -msgstr "Ninguno tan lejos.\n" +#~ msgid "Service name attribute" +#~ msgstr "Atributo de nombre de servicio" -#: src/tools/sssctl/sssctl_domains.c:325 -msgid "Show online status" -msgstr "Mostrar el estado en línea" +#~ msgid "Service port attribute" +#~ msgstr "Atributo de puerto de servicio" -#: src/tools/sssctl/sssctl_domains.c:326 -msgid "Show information about active server" -msgstr "Mostrar información sobre el servidor activo" +#~ msgid "Service protocol attribute" +#~ msgstr "Atributo de protocolo de servidor" -#: src/tools/sssctl/sssctl_domains.c:327 -msgid "Show list of discovered servers" -msgstr "Mostrar la lista de servidores descubiertos" +#~ msgid "Lower bound for ID-mapping" +#~ msgstr "Límite más bajo para el mapeo de ID" -#: src/tools/sssctl/sssctl_domains.c:333 -msgid "Specify domain name." -msgstr "Especificar el nombre de dominio." +#~ msgid "Upper bound for ID-mapping" +#~ msgstr "Límite más alto para el mapeo de ID" -#: src/tools/sssctl/sssctl_domains.c:355 -msgid "Out of memory!\n" -msgstr "¡Fuera de memoria!\n" +#~ msgid "Number of IDs for each slice when ID-mapping" +#~ msgstr "Número de IDs por cada trozo cuando se mapean ID" -#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 -msgid "Unable to get online status\n" -msgstr "Incapaz de obtener el estado en línea\n" +#~ msgid "Use autorid-compatible algorithm for ID-mapping" +#~ msgstr "Usar el algoritmo compatible con autorid para el mapeo de ID" -#: src/tools/sssctl/sssctl_domains.c:395 -msgid "Unable to get server list\n" -msgstr "Incapaz de obtener la lista de servidores\n" +#~ msgid "Name of the default domain for ID-mapping" +#~ msgstr "Nombre del dominio por defecto para el mapeo de ID" -#: src/tools/sssctl/sssctl_logs.c:47 -msgid "\n" -msgstr "\n" +#~ msgid "SID of the default domain for ID-mapping" +#~ msgstr "SID del dominio por defecto para el mapeo de ID" -#: src/tools/sssctl/sssctl_logs.c:237 -msgid "Delete log files instead of truncating" -msgstr "Borrar los ficheros de registro en lugar de dividirlos" +#~ msgid "Number of secondary slices" +#~ msgstr "Número de trozos secundarios" -#: src/tools/sssctl/sssctl_logs.c:248 -msgid "Deleting log files...\n" -msgstr "Borrando ficheros de registro...\n" +#~ msgid "Whether to use Token-Groups" +#~ msgstr "Si usar Token-Groups" -#: src/tools/sssctl/sssctl_logs.c:251 -msgid "Unable to remove log files\n" -msgstr "Incapaz de borrar los ficheros de registro\n" +#~ msgid "Set lower boundary for allowed IDs from the LDAP server" +#~ msgstr "Fijar el límite más bajo de IDs permitidas desde el servidor LDAP" -#: src/tools/sssctl/sssctl_logs.c:257 -msgid "Truncating log files...\n" -msgstr "Truncando ficheros de registro...\n" +#~ msgid "Set upper boundary for allowed IDs from the LDAP server" +#~ msgstr "" +#~ "Fijar el límite más alto para las IDs permitidas desde el servidor LDAP" -#: src/tools/sssctl/sssctl_logs.c:260 -msgid "Unable to truncate log files\n" -msgstr "Incapaz de truncar los ficheros de registro\n" +#~ msgid "DN for ppolicy queries" +#~ msgstr "DN para consultas ppolicy" -#: src/tools/sssctl/sssctl_logs.c:286 -msgid "Out of memory!" -msgstr "¡Fuera de memoria!" +#~ msgid "How many maximum entries to fetch during a wildcard request" +#~ msgstr "Máximas entradas a recuperar durante una solicitud de comodín" -#: src/tools/sssctl/sssctl_logs.c:289 -#, c-format -msgid "Archiving log files into %s...\n" -msgstr "Archivando ficheros de registro en %s...\n" +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Política para evaluar el vencimiento de la contraseña" -#: src/tools/sssctl/sssctl_logs.c:292 -msgid "Unable to archive log files\n" -msgstr "Incapaz de archivar los ficheros de registro\n" +#~ msgid "Which attributes shall be used to evaluate if an account is expired" +#~ msgstr "" +#~ "Los atributos que deberán ser utilizados para evaluar si una cuenta ha " +#~ "expirado" -#: src/tools/sssctl/sssctl_logs.c:317 -msgid "Specify debug level you want to set" -msgstr "Especifique el nivel de depuración que desea fijar" +#~ msgid "Which rules should be used to evaluate access control" +#~ msgstr "" +#~ "Las reglas que deberían ser utilizadas para evaluar control de acceso" -#: src/tools/sssctl/sssctl_user_checks.c:117 -msgid "SSSD InfoPipe user lookup result:\n" -msgstr "SSSD InfoPipe resultado de la búsqueda de usuario:\n" +#~ msgid "URI of an LDAP server where password changes are allowed" +#~ msgstr "" +#~ "URI de un servidor LDAP donde se permite la modificación de contraseñas" -#: src/tools/sssctl/sssctl_user_checks.c:167 -#, c-format -msgid "dlopen failed with [%s].\n" -msgstr "dlopen falló con [%s].\n" +#~ msgid "URI of a backup LDAP server where password changes are allowed" +#~ msgstr "" +#~ "URI de un servidor de respaldo LDAP donde están permitidos los cambios de " +#~ "contraseña" -#: src/tools/sssctl/sssctl_user_checks.c:174 -#, c-format -msgid "dlsym failed with [%s].\n" -msgstr "dlsym falló con with [%s].\n" +#~ msgid "DNS service name for LDAP password change server" +#~ msgstr "" +#~ "Nombre del servicio DNS para el servidor de modificación de contraseñas " +#~ "LDAP" -#: src/tools/sssctl/sssctl_user_checks.c:182 -msgid "malloc failed.\n" -msgstr "malloc falló.\n" +#~ msgid "" +#~ "Whether to update the ldap_user_shadow_last_change attribute after a " +#~ "password change" +#~ msgstr "" +#~ "Si actualizar el atributo ldap_user_shadow_last_change después de un " +#~ "cambio de contraseña" -#: src/tools/sssctl/sssctl_user_checks.c:189 -#, c-format -msgid "sss_getpwnam_r failed with [%d].\n" -msgstr "sss_getpwnam_r falló con [%d].\n" +#~ msgid "Base DN for sudo rules lookups" +#~ msgstr "Base DN para búsquedas de reglas sudo" -#: src/tools/sssctl/sssctl_user_checks.c:194 -msgid "SSSD nss user lookup result:\n" -msgstr "Resultado de la búsqueda de usuario SSSD nss:\n" +#~ msgid "Automatic full refresh period" +#~ msgstr "Período de refresco total automático" -#: src/tools/sssctl/sssctl_user_checks.c:195 -#, c-format -msgid " - user name: %s\n" -msgstr " - nombre de usuario: %s\n" +#~ msgid "Automatic smart refresh period" +#~ msgstr "Período de refresco inteligente automático" -#: src/tools/sssctl/sssctl_user_checks.c:196 -#, c-format -msgid " - user id: %d\n" -msgstr " - id de usuario: %d\n" +#~ msgid "Whether to filter rules by hostname, IP addresses and network" +#~ msgstr "Si filtrar la reglas por nombre de host, direcciones IP y red" -#: src/tools/sssctl/sssctl_user_checks.c:197 -#, c-format -msgid " - group id: %d\n" -msgstr " - id de grupo: %d\n" +#~ msgid "" +#~ "Hostnames and/or fully qualified domain names of this machine to filter " +#~ "sudo rules" +#~ msgstr "" +#~ "Nombres de host y/o nombres de dominio totalmente cualificado de esta " +#~ "máquina para filtrar las reglas sudo" -#: src/tools/sssctl/sssctl_user_checks.c:198 -#, c-format -msgid " - gecos: %s\n" -msgstr " - gecos: %s\n" +#~ msgid "" +#~ "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +#~ msgstr "" +#~ "Direcciones o red IPv4 o IPv6 de esta máquina para filtrar reglas sudo" -#: src/tools/sssctl/sssctl_user_checks.c:199 -#, c-format -msgid " - home directory: %s\n" -msgstr " - directorio home: %s\n" +#~ msgid "Whether to include rules that contains netgroup in host attribute" +#~ msgstr "Si incluir reglas que contienen netgroup en el atributo de host" -#: src/tools/sssctl/sssctl_user_checks.c:200 -#, c-format -msgid "" -" - shell: %s\n" -"\n" -msgstr "" -" - shell: %s\n" -"\n" +#~ msgid "" +#~ "Whether to include rules that contains regular expression in host " +#~ "attribute" +#~ msgstr "" +#~ "Si incluir reglas que contengan expresiones regulares en el atributo de " +#~ "host" -#: src/tools/sssctl/sssctl_user_checks.c:232 -msgid "PAM action [auth|acct|setc|chau|open|clos], default: " -msgstr "Acción PAM [auth|acct|setc|chau|open|clos], predeterminada: " +#~ msgid "Object class for sudo rules" +#~ msgstr "Objeto clase para reglas sudo" -#: src/tools/sssctl/sssctl_user_checks.c:235 -msgid "PAM service, default: " -msgstr "Servicio PAM, predeterminado: " +#~ msgid "Sudo rule name" +#~ msgstr "Nombre de regla sudo" -#: src/tools/sssctl/sssctl_user_checks.c:240 -msgid "Specify user name." -msgstr "Especificar nombre de usuario." +#~ msgid "Sudo rule command attribute" +#~ msgstr "Atributo de regla de comando sudo" -#: src/tools/sssctl/sssctl_user_checks.c:247 -#, c-format -msgid "" -"user: %s\n" -"action: %s\n" -"service: %s\n" -"\n" -msgstr "" -"usuario: %s\n" -"acción: %s\n" -"servicio: %s\n" -"\n" +#~ msgid "Sudo rule host attribute" +#~ msgstr "Atributo de la regla host de sudo" -#: src/tools/sssctl/sssctl_user_checks.c:252 -#, c-format -msgid "User name lookup with [%s] failed.\n" -msgstr "Búsqueda de nombre de usuario con [%s] falló.\n" +#~ msgid "Sudo rule user attribute" +#~ msgstr "Atributo de la regla usuario de sudo" -#: src/tools/sssctl/sssctl_user_checks.c:257 -#, c-format -msgid "InfoPipe User lookup with [%s] failed.\n" -msgstr "Búsqueda de Usuario InfoPipe con [%s] falló.\n" +#~ msgid "Sudo rule option attribute" +#~ msgstr "Atributo de la regla opción de sudo" -#: src/tools/sssctl/sssctl_user_checks.c:263 -#, c-format -msgid "pam_start failed: %s\n" -msgstr "pam_start falló: %s\n" +#~ msgid "Sudo rule runas attribute" +#~ msgstr "Atributo runas de regla sudo" -#: src/tools/sssctl/sssctl_user_checks.c:268 -msgid "" -"testing pam_authenticate\n" -"\n" -msgstr "" -"probando pam_authenticate\n" -"\n" +#~ msgid "Sudo rule runasuser attribute" +#~ msgstr "Atributo de la regla suda runasuser" -#: src/tools/sssctl/sssctl_user_checks.c:272 -#, c-format -msgid "pam_get_item failed: %s\n" -msgstr "pam_get_item falló: %s\n" +#~ msgid "Sudo rule runasgroup attribute" +#~ msgstr "Atributo de regla runasgroup de sudo" -#: src/tools/sssctl/sssctl_user_checks.c:275 -#, c-format -msgid "" -"pam_authenticate for user [%s]: %s\n" -"\n" -msgstr "" -"pam_authenticate para usuario [%s]: %s\n" -"\n" +#~ msgid "Sudo rule notbefore attribute" +#~ msgstr "Atributo de regla notbefore de sudo" -#: src/tools/sssctl/sssctl_user_checks.c:278 -msgid "" -"testing pam_chauthtok\n" -"\n" -msgstr "" -"probando pam_chauthtok\n" -"\n" +#~ msgid "Sudo rule notafter attribute" +#~ msgstr "Atributo de regla noafter de sudo" -#: src/tools/sssctl/sssctl_user_checks.c:280 -#, c-format -msgid "" -"pam_chauthtok: %s\n" -"\n" -msgstr "" -"pam_chauthtok: %s\n" -"\n" +#~ msgid "Sudo rule order attribute" +#~ msgstr "Atributo de regla orden de sudo" -#: src/tools/sssctl/sssctl_user_checks.c:282 -msgid "" -"testing pam_acct_mgmt\n" -"\n" -msgstr "" -"probando pam_acct_mgmt\n" -"\n" +#~ msgid "Object class for automounter maps" +#~ msgstr "Objeto clase para mapas automontador" -#: src/tools/sssctl/sssctl_user_checks.c:284 -#, c-format -msgid "" -"pam_acct_mgmt: %s\n" -"\n" -msgstr "" -"pam_acct_mgmt: %s\n" -"\n" +#~ msgid "Automounter map name attribute" +#~ msgstr "Atributo de nombre de mapa de automontador" -#: src/tools/sssctl/sssctl_user_checks.c:286 -msgid "" -"testing pam_setcred\n" -"\n" -msgstr "" -"probando pam_setcred\n" -"\n" +#~ msgid "Object class for automounter map entries" +#~ msgstr "Objeto clase para entradas de mapa de automontador" -#: src/tools/sssctl/sssctl_user_checks.c:288 -#, c-format -msgid "" -"pam_setcred: [%s]\n" -"\n" -msgstr "" -"pam_setcred: [%s]\n" -"\n" +#~ msgid "Automounter map entry key attribute" +#~ msgstr "Atributo de clave de entrada para mapa de automontador" -#: src/tools/sssctl/sssctl_user_checks.c:290 -msgid "" -"testing pam_open_session\n" -"\n" -msgstr "" -"probando pam_open_session\n" -"\n" +#~ msgid "Automounter map entry value attribute" +#~ msgstr "Atributo de valor de entrada para mapa de automontador" -#: src/tools/sssctl/sssctl_user_checks.c:292 -#, c-format -msgid "" -"pam_open_session: %s\n" -"\n" -msgstr "" -"pam_open_session: %s\n" -"\n" +#~ msgid "Base DN for automounter map lookups" +#~ msgstr "Base DN para búsquedas de mapa de automontador" -#: src/tools/sssctl/sssctl_user_checks.c:294 -msgid "" -"testing pam_close_session\n" -"\n" -msgstr "" -"probando pam_close_session\n" -"\n" +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Lista separada por comas de usuarios autorizados" -#: src/tools/sssctl/sssctl_user_checks.c:296 -#, c-format -msgid "" -"pam_close_session: %s\n" -"\n" -msgstr "" -"pam_close_session: %s\n" -"\n" +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Lista separada por comas de usuarios prohibidos" -#: src/tools/sssctl/sssctl_user_checks.c:298 -msgid "unknown action\n" -msgstr "acción desconocida\n" +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Shell predeterminado, /bin/bash" -#: src/tools/sssctl/sssctl_user_checks.c:301 -msgid "PAM Environment:\n" -msgstr "Entorno PAM:\n" +#~ msgid "Base for home directories" +#~ msgstr "Base de los directorios de inicio" -#: src/tools/sssctl/sssctl_user_checks.c:309 -msgid " - no env -\n" -msgstr " - no env -\n" +#~ msgid "The number of preforked proxy children." +#~ msgstr "Número de hijos proxy prefabricados" -#: src/util/util.h:82 -msgid "The user ID to run the server as" -msgstr "La ID de usuario para ejecutar el servidor como" +#~ msgid "The name of the NSS library to use" +#~ msgstr "Nombre de la biblioteca NSS a usar" -#: src/util/util.h:84 -msgid "The group ID to run the server as" -msgstr "La ID de grupo para ejecutar el servidor como" +#~ msgid "Whether to look up canonical group name from cache if possible" +#~ msgstr "Si buscar el nombre canónico del grupo desde el cache si es posible" -#: src/util/util.h:92 -msgid "Informs that the responder has been socket-activated" -msgstr "Informa que el contestador ha sido socket-activated" +#~ msgid "PAM stack to use" +#~ msgstr "Pila PAM a usar" -#: src/util/util.h:94 -msgid "Informs that the responder has been dbus-activated" -msgstr "Informa que el contestador ha sido dbus-activated" +#~ msgid "Path of passwd file sources." +#~ msgstr "Ruta de las fuentes del fichero passwd" + +#~ msgid "Path of group file sources." +#~ msgstr "Ruta de las fuentes del fichero group" diff --git a/po/eu.po b/po/eu.po index dce3b6ba40..68cf45fc57 100644 --- a/po/eu.po +++ b/po/eu.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:45+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/" @@ -20,1535 +20,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Gutxienezko erabiltzaile IDa" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Gehienezko erabiltzaile IDa" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA domeinua" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "IPA zerbitzariaren helbidea" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "IPA bezeroaren ostalari-izena" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "FAST gaitzen du" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "entryUSN atributua" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "lastUSN atributua" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "UID atributua" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "objectSID atributua" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Izen osoa" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "shadowLastChange atributua" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "shadowMin atributua" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "shadowMax atributua" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "shadowWarning atributua" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "shadowInactive atributua" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "shadowExpire atributua" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "shadowFlag atributua" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "krbLastPwdChange atributua" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "krbPasswordExpiration atributua" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "ADren accountExpires atributua" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "ADren userAccountControl atributua" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "nsAccountLock atributua" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Talde-izena" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Taldearen pasahitza" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "GID atributua" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Shell lehenetsia, /bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "Inprimatu bertsio zenbakia eta irten" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "Arazketa maila" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "Gehitu arazketako data-zigiluak" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1588,7 +108,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2401,7 +921,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2578,44 +1098,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "\n" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2824,3 +1344,84 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Minimum user ID" +#~ msgstr "Gutxienezko erabiltzaile IDa" + +#~ msgid "Maximum user ID" +#~ msgstr "Gehienezko erabiltzaile IDa" + +#~ msgid "IPA domain" +#~ msgstr "IPA domeinua" + +#~ msgid "IPA server address" +#~ msgstr "IPA zerbitzariaren helbidea" + +#~ msgid "IPA client hostname" +#~ msgstr "IPA bezeroaren ostalari-izena" + +#~ msgid "Enables FAST" +#~ msgstr "FAST gaitzen du" + +#~ msgid "entryUSN attribute" +#~ msgstr "entryUSN atributua" + +#~ msgid "lastUSN attribute" +#~ msgstr "lastUSN atributua" + +#~ msgid "UID attribute" +#~ msgstr "UID atributua" + +#~ msgid "objectSID attribute" +#~ msgstr "objectSID atributua" + +#~ msgid "Full Name" +#~ msgstr "Izen osoa" + +#~ msgid "shadowLastChange attribute" +#~ msgstr "shadowLastChange atributua" + +#~ msgid "shadowMin attribute" +#~ msgstr "shadowMin atributua" + +#~ msgid "shadowMax attribute" +#~ msgstr "shadowMax atributua" + +#~ msgid "shadowWarning attribute" +#~ msgstr "shadowWarning atributua" + +#~ msgid "shadowInactive attribute" +#~ msgstr "shadowInactive atributua" + +#~ msgid "shadowExpire attribute" +#~ msgstr "shadowExpire atributua" + +#~ msgid "shadowFlag attribute" +#~ msgstr "shadowFlag atributua" + +#~ msgid "krbLastPwdChange attribute" +#~ msgstr "krbLastPwdChange atributua" + +#~ msgid "krbPasswordExpiration attribute" +#~ msgstr "krbPasswordExpiration atributua" + +#~ msgid "accountExpires attribute of AD" +#~ msgstr "ADren accountExpires atributua" + +#~ msgid "userAccountControl attribute of AD" +#~ msgstr "ADren userAccountControl atributua" + +#~ msgid "nsAccountLock attribute" +#~ msgstr "nsAccountLock atributua" + +#~ msgid "Group name" +#~ msgstr "Talde-izena" + +#~ msgid "Group password" +#~ msgstr "Taldearen pasahitza" + +#~ msgid "GID attribute" +#~ msgstr "GID atributua" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Shell lehenetsia, /bin/bash" diff --git a/po/fr.po b/po/fr.po index db16ecd395..2dad196a10 100644 --- a/po/fr.po +++ b/po/fr.po @@ -9,13 +9,15 @@ # Mariko Vincent , 2012 # Jérôme Fenal , 2015. #zanata # Jérôme Fenal , 2016. #zanata +# Ludek Janda , 2020. #zanata +# Pavel Brezina , 2020. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" -"PO-Revision-Date: 2016-02-24 03:43+0000\n" -"Last-Translator: Jérôme Fenal \n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" +"PO-Revision-Date: 2020-05-19 10:07+0000\n" +"Last-Translator: Pavel Brezina \n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" "fr/)\n" "Language: fr\n" @@ -25,2962 +27,2714 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n > 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Définir le niveau de détails de la sortie de débogage" +#: src/monitor/monitor.c:2371 +msgid "Become a daemon (default)" +msgstr "Devenir un démon (par défaut)" -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Ajouter l'horodatage dans les fichiers de débogage" +#: src/monitor/monitor.c:2373 +msgid "Run interactive (not a daemon)" +msgstr "Fonctionner en interactif (non démon)" -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" -"Ajouter les microsecondes pour l'horodatage dans les journaux de débogage" +#: src/monitor/monitor.c:2376 +msgid "Disable netlink interface" +msgstr "Désactiver l'interface netlink" -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Écrire les messages de débogage dans les journaux" +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 +msgid "Specify a non-default config file" +msgstr "Définir un fichier de configuration différent de celui par défaut" -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" +#: src/monitor/monitor.c:2380 +msgid "Refresh the configuration database, then exit" +msgstr "Rafraîchissez la base de données de configuration, puis quittez" -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Commande pour démarrer le service" +#: src/monitor/monitor.c:2383 +msgid "Similar to --genconf, but only refreshes the given section" +msgstr "Semblable à --genconf, mais ne rafraîchit que la section donnée" -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Nombre d'essais pour tenter de se connecter au fournisseur de données" +#: src/monitor/monitor.c:2386 +msgid "Print version number and exit" +msgstr "Afficher le numéro de version et quitte" -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" -"Le nombre de descripteurs de fichiers qui peuvent être ouverts par ce " -"répondeur" +#: src/monitor/monitor.c:2532 +msgid "SSSD is already running\n" +msgstr "SSSD est déjà en cours d'exécution\n" -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "durée d'inactivité avant la déconnexion automatique d'un client" +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 +msgid "Debug level" +msgstr "Niveau de débogage" -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 +msgid "Add debug timestamps" +msgstr "Ajouter l'horodatage au débogage" -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 +msgid "Show timestamps with microseconds" +msgstr "Afficher l'horodatage en microsecondes" -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Services SSSD à démarrer" +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 +msgid "An open file descriptor for the debug logs" +msgstr "Un descripteur de fichier ouvert pour les journaux de débogage" -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "Domaines SSSD à démarrer" +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 +msgid "Send the debug output to stderr directly." +msgstr "Envoyer la sortie de débogage directement vers l'erreur standard." -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Délai d'attente pour les messages à envoyer à travers SBUS" +#: src/providers/krb5/krb5_child.c:3245 +msgid "The user to create FAST ccache as" +msgstr "L'utilisateur à utiliser pour la création du ccache FAST" -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "Expression rationnelle d'analyse des noms d'utilisateur et de domaine" +#: src/providers/krb5/krb5_child.c:3247 +msgid "The group to create FAST ccache as" +msgstr "Le groupe à utiliser pour la création du ccache FAST" -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "Format compatible printf d'affichage des noms complétement qualifiés" +#: src/providers/krb5/krb5_child.c:3249 +msgid "Kerberos realm to use" +msgstr "Domaine Kerberos à utiliser" -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"Répertoire du système de fichiers où SSSD doit stocker les fichiers de " -"relecture de Kerberos." +#: src/providers/krb5/krb5_child.c:3251 +msgid "Requested lifetime of the ticket" +msgstr "Demande de renouvellement à vie du billet" -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "Domaine à ajouter aux noms sans composant de nom de domaine." +#: src/providers/krb5/krb5_child.c:3253 +msgid "Requested renewable lifetime of the ticket" +msgstr "Demande de renouvellement à vie du billet" -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "L'utilisation vers lequel abandonner les privilèges" +#: src/providers/krb5/krb5_child.c:3255 +msgid "FAST options ('never', 'try', 'demand')" +msgstr "Options FAST ('never', 'try', 'demand')" -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" +#: src/providers/krb5/krb5_child.c:3258 +msgid "Specifies the server principal to use for FAST" +msgstr "Spécifie le principal de serveur afin d'utiliser FAST." -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" -"Tous les espaces dans les noms de groupes ou d'utilisateurs seront remplacés " -"par ce caractère" +#: src/providers/krb5/krb5_child.c:3260 +msgid "Requests canonicalization of the principal name" +msgstr "Demande la canonisation du nom principal" -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" +#: src/providers/krb5/krb5_child.c:3262 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "Utiliser la version personnalisée de krb5_get_init_creds_password" -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" +#: src/providers/data_provider_be.c:674 +msgid "Domain of the information provider (mandatory)" +msgstr "Domaine du fournisseur d'informations (obligatoire)" -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" +#: src/sss_client/common.c:1079 +msgid "Privileged socket has wrong ownership or permissions." msgstr "" +"Le socket privilégié a de mauvaises permissions ou un mauvais propriétaire." -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "Délai d'attente du cache d'énumération (en secondes)" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" +#: src/sss_client/common.c:1082 +msgid "Public socket has wrong ownership or permissions." msgstr "" -"Délai d'attente de mise à jour en arrière-plan de l'entrée de cache (en " -"secondes)" +"Le socket public a de mauvaises permissions ou un mauvais propriétaire." -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "Délai d'attente du cache négatif (en secondes)" +#: src/sss_client/common.c:1085 +msgid "Unexpected format of the server credential message." +msgstr "Le message du serveur de crédits a un format inattendu." -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" +#: src/sss_client/common.c:1088 +msgid "SSSD is not run by root." +msgstr "SSSD n'est pas démarré par root." -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Utilisateurs que SSSD doit explicitement ignorer" +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "La socket SSSD n'existe pas." -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Groupes que SSSD doit explicitement ignorer" +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "Impossible d'obtenir le stat du socket SSSD." -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Les utilisateurs filtrés doivent-ils apparaître dans les groupes" +#: src/sss_client/common.c:1099 +msgid "An error occurred, but no description can be found." +msgstr "Une erreur est survenue mais aucune description n'est trouvée." -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "Valeur du champ de mot de passe que le fournisseur NSS doit renvoyer" +#: src/sss_client/common.c:1105 +msgid "Unexpected error while looking for an error description" +msgstr "Erreur inattendue lors de la recherche de la description de l'erreur" -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" -"Remplacer par cette valeur celle du répertoire personnel obtenu avec le " -"fournisseur d'identité" +#: src/sss_client/pam_sss.c:68 +msgid "Permission denied. " +msgstr "Accès refusé." -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" -"Substitution de la valeur homedir vide du fournisseur d'identité avec cette " -"valeur" +#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 +#: src/sss_client/pam_sss.c:790 +msgid "Server message: " +msgstr "Message du serveur : " -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "Écraser le shell donné par le fournisseur d'identité avec cette valeur" +#: src/sss_client/pam_sss.c:297 +msgid "Passwords do not match" +msgstr "Les mots de passe ne correspondent pas" -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" +#: src/sss_client/pam_sss.c:485 +msgid "Password reset by root is not supported." msgstr "" -"Liste des interpréteurs de commandes utilisateurs autorisés pour se connecter" +"La réinitialisation du mot de passe par root n'est pas prise en charge." -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" -"Liste des interpréteurs de commandes bannis et remplacés par celui par défaut" +#: src/sss_client/pam_sss.c:526 +msgid "Authenticated with cached credentials" +msgstr "Authentifié avec les crédits mis en cache" -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" -"Si un interpréteur de commandes stocké dans l'annuaire central est autorisé " -"mais indisponible, utiliser à défaut celui-ci" +#: src/sss_client/pam_sss.c:527 +msgid ", your cached password will expire at: " +msgstr ", votre mot de passe en cache expirera à :" -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "Shell à utiliser si le fournisseur n'en propose aucun" +#: src/sss_client/pam_sss.c:557 +#, c-format +msgid "Your password has expired. You have %1$d grace login(s) remaining." +msgstr "" +"Votre mot de passe a expiré. Il vous reste %1$d connexion(s) autorisée(s)." -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "Durée de maintien en cache des enregistrements valides" +#: src/sss_client/pam_sss.c:603 +#, c-format +msgid "Your password will expire in %1$d %2$s." +msgstr "Votre mot de passe expirera dans %1$d %2$s." -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" +#: src/sss_client/pam_sss.c:652 +msgid "Authentication is denied until: " +msgstr "L'authentification est refusée jusque :" -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" +#: src/sss_client/pam_sss.c:673 +msgid "System is offline, password change not possible" msgstr "" -"Délai pendant lequel les connexions utilisant le cache sont autorisées entre " -"deux connexions en ligne (en jours)" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "Nombre d'échecs de connexions hors-ligne autorisés" +"Le système est hors-ligne, les modifications du mot de passe sont impossibles" -#: src/config/SSSDConfig/__init__.py.in:93 +#: src/sss_client/pam_sss.c:688 msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" +"After changing the OTP password, you need to log out and back in order to " +"acquire a ticket" msgstr "" -"Durée d'interdiction de connexion après que offline_failed_login_attempts " -"est atteint (en minutes)" +"Après avoir modifié le mot de passe OTP, vous devez vous déconnecter et vous " +"reconnecter afin d'acquérir un ticket" -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" -"Quels types de messages sont affichés à l'utilisateur pendant " -"l'authentification" +#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 +msgid "Password change failed. " +msgstr "Échec du changement de mot de passe." -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" +#: src/sss_client/pam_sss.c:2008 +msgid "New Password: " +msgstr "Nouveau mot de passe : " -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" -"Durée en secondes pendant laquelle les informations d'identité sont gardées " -"en cache pour les requêtes PAM" +#: src/sss_client/pam_sss.c:2009 +msgid "Reenter new Password: " +msgstr "Retaper le nouveau mot de passe : " -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" -"Nombre de jours précédent l'expiration du mot de passe avant lesquels un " -"avertissement doit être affiché" +#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 +msgid "First Factor: " +msgstr "Premier facteur :" -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "Liste des uid ou noms d'utilisateurs dignes de confiance" +#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 +msgid "Second Factor (optional): " +msgstr "Deuxième facteur (facultatif) : " -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" -"Liste des domaines accessibles y compris par les utilisateurs non dignes de " -"confiance" +#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 +msgid "Second Factor: " +msgstr "Second facteur :" -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "Message affiché lorsque le compte a expiré" +#: src/sss_client/pam_sss.c:2190 +msgid "Password: " +msgstr "Mot de passe : " -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" +#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 +msgid "First Factor (Current Password): " +msgstr "Premier facteur (mot de passe actuel) : " -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" +#: src/sss_client/pam_sss.c:2349 +msgid "Current Password: " +msgstr "Mot de passe actuel : " -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" +#: src/sss_client/pam_sss.c:2704 +msgid "Password expired. Change your password now." +msgstr "Mot de passe expiré. Changez votre mot de passe maintenant." -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 +#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 +#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 +#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 +#: src/tools/sss_cache.c:719 +msgid "The debug level to run with" +msgstr "Le niveau de débogage utilisé avec" -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 +msgid "The SSSD domain to use" +msgstr "Le domaine SSSD à utiliser" -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 +#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 +#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 +#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 +#: src/tools/sss_cache.c:765 +msgid "Error setting the locale\n" +msgstr "Erreur lors du paramétrage de la locale\n" -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 +msgid "Not enough memory\n" +msgstr "Mémoire insuffisante\n" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 +msgid "User not specified\n" +msgstr "Utilisateur non spécifié\n" -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "Faut-il évaluer les attributs dépendants du temps dans les règles sudo" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 +msgid "Error looking up public keys\n" +msgstr "Erreur lors de la recherche des clés publiques\n" -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 +msgid "The port to use to connect to the host" +msgstr "Le port à utiliser pour se connecter à l'hôte" -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 +msgid "Print the host ssh public keys" +msgstr "Imprimer les clés publiques ssh de l'hôte" -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" -"Condenser ou non les noms de systèmes et adresses du fichier known_hosts" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 +msgid "Invalid port\n" +msgstr "Port invalide\n" -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" -"Le nombre de secondes pour garder un hôte dans le fichier known_hosts après " -"que ses clés d'hôte ont été demandées" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 +msgid "Host not specified\n" +msgstr "Hôte non spécifié\n" -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 +msgid "The path to the proxy command must be absolute\n" +msgstr "Le chemin vers la commande de proxy doit être absolue\n" -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "sss_ssh_knownhostsproxy : Impossible de résoudre le nom d'hôte %s\n" -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" +#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 +msgid "The UID of the user" +msgstr "L'UID de l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" -"Listes des UID ou nom d'utilisateurs autorisés à accéder le répondeur PAC" +#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 +msgid "The comment string" +msgstr "Phrase de commentaire" -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" +#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 +msgid "Home directory" +msgstr "Répertoire utilisateur" -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" -"Listes des UID ou nom d'utilisateurs autorisés à accéder le répondeur " -"InfoPipe" +#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 +msgid "Login shell" +msgstr "Interpréteur de commandes de connexion" -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "Liste des attributs utilisateur que l'InfoPipe est autorisé à publier" +#: src/tools/sss_useradd.c:53 +msgid "Groups" +msgstr "Groupes" -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" +#: src/tools/sss_useradd.c:54 +msgid "Create user's directory if it does not exist" +msgstr "Créer le repertoire utilisateur s'il n'existe pas" -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" +#: src/tools/sss_useradd.c:55 +msgid "Never create user's directory, overrides config" +msgstr "Ne jamais créer de répertoire utilisateur, outrepasse la configuration" -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" +#: src/tools/sss_useradd.c:56 +msgid "Specify an alternative skeleton directory" +msgstr "Spécifie un répertoire squelette alternatif" -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" +#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 +msgid "The SELinux user for user's login" +msgstr "L'utilisateur SELinux pour l'identifiant de l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" +#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 +#: src/tools/sss_usermod.c:92 +msgid "Specify group to add to\n" +msgstr "Définir le groupe à ajouter à\n" -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" +#: src/tools/sss_useradd.c:111 +msgid "Specify user to add\n" +msgstr "Définir l'utilisateur à ajouter à\n" -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" +#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 +#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 +#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 +#: src/tools/sss_usermod.c:162 +msgid "Error initializing the tools - no local domain\n" +msgstr "Erreur à l'initialisation des outils - aucun domaine local\n" -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" +#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 +#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 +#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 +#: src/tools/sss_usermod.c:164 +msgid "Error initializing the tools\n" +msgstr "Erreur à l'initialisation des outils\n" -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" +#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 +#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 +#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 +#: src/tools/sss_usermod.c:173 +msgid "Invalid domain specified in FQDN\n" +msgstr "Domaine invalide définit dans le FQDN\n" -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" +#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 +#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 +#: src/tools/sss_usermod.c:226 +msgid "Internal error while parsing parameters\n" +msgstr "Erreur interne lors de l'analyse des paramètres\n" -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" +#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 +#: src/tools/sss_usermod.c:235 +msgid "Groups must be in the same domain as user\n" +msgstr "Les groupes doivent être dans le même domaine que l'utilisateur\n" -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" +#: src/tools/sss_useradd.c:159 +#, c-format +msgid "Cannot find group %1$s in local domain\n" +msgstr "Impossible de trouver le groupe %1$s dans le domaine local\n" -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" +#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 +msgid "Cannot set default values\n" +msgstr "Impossible de définir les valeurs par défaut\n" -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" +#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 +msgid "The selected UID is outside the allowed range\n" +msgstr "L'UID sélectionné est en dehors de la plage autorisée\n" -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" +#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 +msgid "Cannot set SELinux login context\n" +msgstr "Impossible de définir le contexte de connexion SELinux\n" + +#: src/tools/sss_useradd.c:224 +msgid "Cannot get info about the user\n" +msgstr "Impossible de trouver les informations sur l'utilisateur\n" -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" +#: src/tools/sss_useradd.c:236 +msgid "User's home directory already exists, not copying data from skeldir\n" msgstr "" +"Le répertoire de l'utilisateur existe déjà, les données du répertoire " +"squelette ne sont pas copiées\n" + +#: src/tools/sss_useradd.c:239 +#, c-format +msgid "Cannot create user's home directory: %1$s\n" +msgstr "Impossible de créer le répertoire de l'utilisateur : %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" +#: src/tools/sss_useradd.c:250 +#, c-format +msgid "Cannot create user's mail spool: %1$s\n" msgstr "" +"Impossible de créer le répertoire de réception des messages électroniques " +"pour l'utilisateur : %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" +#: src/tools/sss_useradd.c:270 +msgid "Could not allocate ID for the user - domain full?\n" msgstr "" +"L'identifiant de l'utilisateur ne peut pas être alloué - domaine plein ?\n" -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Fournisseur d'identité" +#: src/tools/sss_useradd.c:274 +msgid "A user or group with the same name or ID already exists\n" +msgstr "Un utilisateur ou groupe avec le même nom ou identifiant existe déjà\n" -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Fournisseur d'authentification" +#: src/tools/sss_useradd.c:280 +msgid "Transaction error. Could not add user.\n" +msgstr "Erreur de transaction. Impossible d'ajouter l'utilisateur.\n" -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Fournisseur de contrôle d'accès" +#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 +msgid "The GID of the group" +msgstr "Le GID du groupe" -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Fournisseur de changement de mot de passe" +#: src/tools/sss_groupadd.c:76 +msgid "Specify group to add\n" +msgstr "Définir le groupe à ajouter\n" -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "Fournisseur SUDO" +#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 +msgid "The selected GID is outside the allowed range\n" +msgstr "Le GID choisit est en dehors de la plage autorisée\n" -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "Fournisseur autofs" +#: src/tools/sss_groupadd.c:143 +msgid "Could not allocate ID for the group - domain full?\n" +msgstr "Impossible d'allouer l'identifiant du groupe - domaine plein ?\n" -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "Fournisseur d'identité de l'hôte" +#: src/tools/sss_groupadd.c:147 +msgid "A group with the same name or GID already exists\n" +msgstr "Un groupe avec le même nom ou GID existe déjà\n" -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" +#: src/tools/sss_groupadd.c:153 +msgid "Transaction error. Could not add group.\n" +msgstr "Erreur de transaction. Impossible d'ajouter le groupe.\n" -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" +#: src/tools/sss_groupdel.c:70 +msgid "Specify group to delete\n" +msgstr "Spécifier le groupe à supprimer\n" -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" +#: src/tools/sss_groupdel.c:104 +#, c-format +msgid "Group %1$s is outside the defined ID range for domain\n" msgstr "" +"Le groupe %1$s est en dehors de la plage d'identifiants définie pour le " +"domaine\n" -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Identifiant utilisateur minimum" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Identifiant utilisateur maximum" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Activer l'énumération de tous les utilisateurs/groupes" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Mettre en cache les crédits pour une connexion hors-ligne" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Afficher les utilisateurs/groupes dans un format complétement qualifié" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "Ne pas inclure les membres des groupes dans les recherches de groupes." - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Durée de validité des entrées en cache (en secondes)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "Restreindre ou préférer une famille d'adresses lors des recherches DNS" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" +#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 +#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 +#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 +#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 +#, c-format +msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" msgstr "" -"Durée de validité des entrées en cache après la dernière connexion réussie " -"(en jours)" +"Échec de requête NSS (%1$d). L'entrée peut persister dans le cache en " +"mémoire.\n" -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/tools/sss_groupdel.c:132 msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" +"No such group in local domain. Removing groups only allowed in local " +"domain.\n" msgstr "" -"Délai d'attente des réponses du DNS lors de la résolution des serveurs (en " -"secondes)" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "La partie domaine de la requête de découverte de service DNS" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "Écraser la valeur du GID du fournisseur d'identité avec cette valeur" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "Considère les noms d'utilisateur comme casse dépendant" +"Aucun groupe dans le domaine local. La suppression de groupes n'est " +"autorisée que dans le domaine local.\n" -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "Fréquence de rafraîchissement en arrière plan des entrées expirées" +#: src/tools/sss_groupdel.c:137 +msgid "Internal error. Could not remove group.\n" +msgstr "Erreur interne. Impossible de supprimer le groupe.\n" -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "Choisir de mettre à jour automatiquement l'entrée DNS du client" +#: src/tools/sss_groupmod.c:44 +msgid "Groups to add this group to" +msgstr "Groupes auxquels ce groupe sera ajouté" -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "Le TTL à appliquer à l'entrée DNS du client après modification" +#: src/tools/sss_groupmod.c:46 +msgid "Groups to remove this group from" +msgstr "Groupes desquels ce groupe sera retiré" -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" -"L'interface dont l'adresse IP doit être utilisée pour les mises à jour " -"dynamiques du DNS" +#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 +msgid "Specify group to remove from\n" +msgstr "Définir le groupe duquel supprimer\n" -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "Fréquence de mise à jour automatique de l'entrée DNS du client" +#: src/tools/sss_groupmod.c:101 +msgid "Specify group to modify\n" +msgstr "Définir le groupe à modifier\n" -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" +#: src/tools/sss_groupmod.c:130 +msgid "" +"Cannot find group in local domain, modifying groups is allowed only in local " +"domain\n" msgstr "" -"Selon que le fournisseur doit aussi ou non mettre à jour explicitement " -"l'enregistrement PTR" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "Selon que l'utilitaire nsupdate doit utiliser TCP par défaut" +"Impossible de trouver le groupe dans le domaine local, la modification des " +"groupes n'est autorisée que dans le domaine local\n" -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" +#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 +msgid "Member groups must be in the same domain as parent group\n" msgstr "" -"Quel type d'authentification doit être utilisée pour effectuer la mise à " -"jour DNS" +"Les membres du groupe doivent être dans le même domaine que le groupe " +"parent\n" -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" +#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 +#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 +#, c-format +msgid "" +"Cannot find group %1$s in local domain, only groups in local domain are " +"allowed\n" msgstr "" +"Impossible de trouver le groupe %1$s dans le domaine local, seuls les " +"groupes du domaine local sont autorisés\n" -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "Contrôle l'énumération des domaines approuvés" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "Fréquence de rafraîchissement des sous-domaines" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "Listes des options qui doivent être héritées dans le sous-domaine" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" +#: src/tools/sss_groupmod.c:257 +msgid "Could not modify group - check if member group names are correct\n" msgstr "" +"Impossible de modifier le groupe - vérifier que les noms des groupes membres " +"sont corrects\n" -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" +#: src/tools/sss_groupmod.c:261 +msgid "Could not modify group - check if groupname is correct\n" msgstr "" +"Impossible de modifier le groupe - vérifier que le nom du groupe est " +"correct\n" -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" +#: src/tools/sss_groupmod.c:265 +msgid "Transaction error. Could not modify group.\n" +msgstr "Erreur de transaction. Impossible de modifier le groupe.\n" -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "Domaine IPA" +#: src/tools/sss_groupshow.c:616 +msgid "Magic Private " +msgstr "Magie privée" -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "Adresse du serveur IPA" +#: src/tools/sss_groupshow.c:615 +#, c-format +msgid "%1$s%2$sGroup: %3$s\n" +msgstr "%1$s%2$sGroup: %3$s\n" -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "Adresse du serveur IPA de secours" +#: src/tools/sss_groupshow.c:618 +#, c-format +msgid "%1$sGID number: %2$d\n" +msgstr "%1$s GID numéro : %2$d\n" -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "Nom de système du client IPA" +#: src/tools/sss_groupshow.c:620 +#, c-format +msgid "%1$sMember users: " +msgstr "Utilisateurs membres de %1$s :" -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#: src/tools/sss_groupshow.c:627 +#, c-format +msgid "" +"\n" +"%1$sIs a member of: " msgstr "" -"Choisir de mettre à jour automatiquement l'entrée DNS du client dans FreeIPA" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "Base de recherche pour les objets HBAC" +"\n" +"%1$s est membre de : " -#: src/config/SSSDConfig/__init__.py.in:215 +#: src/tools/sss_groupshow.c:634 +#, c-format msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "Délai entre les recherches de règles HBAC sur le serveur IPA" +"\n" +"%1$sMember groups: " +msgstr "" +"\n" +"Groupes membres de %1$s : " -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "Délai entre les recherches de cartes SELinux sur le serveur IPA" +#: src/tools/sss_groupshow.c:670 +msgid "Print indirect group members recursively" +msgstr "Afficher les membres du groupe indirects récursivement" -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "Si mit à false, l’argument de l'hôte donné par PAM est ignoré" +#: src/tools/sss_groupshow.c:704 +msgid "Specify group to show\n" +msgstr "Définir le groupe à afficher\n" -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" +#: src/tools/sss_groupshow.c:744 +msgid "" +"No such group in local domain. Printing groups only allowed in local " +"domain.\n" msgstr "" -"L'emplacement de la carte de montage automatique utilisée par le client IPA" +"Aucun groupe dans le domaine local. L'affichage des groupes n'est autorisé " +"que dans le domaine local.\n" -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" -"Base de recherche pour l'objet contenant les informations de base à propos " -"du domaine IPA" +#: src/tools/sss_groupshow.c:749 +msgid "Internal error. Could not print group.\n" +msgstr "Erreur interne. Impossible d'afficher le groupe.\n" -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" -"Base de recherche pour les objets contenant les informations à propos des " -"plages d'ID" +#: src/tools/sss_userdel.c:138 +msgid "Remove home directory and mail spool" +msgstr "Suppression du répertoire personnel et de gestion des mails" -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "Activer les sites DNS - découverte de service basée sur l'emplacement" +#: src/tools/sss_userdel.c:140 +msgid "Do not remove home directory and mail spool" +msgstr "Ne pas supprimer le répertoire personnel et de gestion des mails" -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "Base de recherche des conteneurs de vues" +#: src/tools/sss_userdel.c:142 +msgid "Force removal of files not owned by the user" +msgstr "Forcer la suppression des fichiers n'appartenant pas à l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "Classe d'objet pour les conteneurs de vues" +#: src/tools/sss_userdel.c:144 +msgid "Kill users' processes before removing him" +msgstr "Tuer les processus de l'utilisateur avant de le supprimer" -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "Attribut avec le nom de la vue" +#: src/tools/sss_userdel.c:190 +msgid "Specify user to delete\n" +msgstr "Définir l'utilisateur à supprimer\n" -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "Classe d'objet surchargeant les objets" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "Attribut faisant référence à l'objet originel " - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "Classe d'objet surchargeant les utilisateurs" +#: src/tools/sss_userdel.c:236 +#, c-format +msgid "User %1$s is outside the defined ID range for domain\n" +msgstr "" +"L'utilisateur %1$s est en dehors de la plage d'identifiants définie pour le " +"domaine\n" -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "Classe d'objet surchargeant les groupes" +#: src/tools/sss_userdel.c:261 +msgid "Cannot reset SELinux login context\n" +msgstr "Impossible de réinitialiser le contexte de connexion SELinux\n" -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" +#: src/tools/sss_userdel.c:273 +#, c-format +msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" msgstr "" +"ATTENTION : l'utilisateur (uid %1$lu) était encore connecté lors de sa " +"suppression.\n" -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" +#: src/tools/sss_userdel.c:278 +msgid "Cannot determine if the user was logged in on this platform" msgstr "" +"Impossible de savoir si l'utilisateur était connecté sur cette plateforme" -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" +#: src/tools/sss_userdel.c:283 +msgid "Error while checking if the user was logged in\n" +msgstr "Erreur en vérifiant si l'utilisateur était connecté\n" + +#: src/tools/sss_userdel.c:290 +#, c-format +msgid "The post-delete command failed: %1$s\n" +msgstr "La commande post-suppression a échoué : %1$s\n" + +#: src/tools/sss_userdel.c:310 +msgid "Not removing home dir - not owned by user\n" msgstr "" +"Le répertoire personnel n'est pas supprimé - l'utilisateur n'en est pas le " +"propriétaire\n" -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "Domaine Active Directory" +#: src/tools/sss_userdel.c:312 +#, c-format +msgid "Cannot remove homedir: %1$s\n" +msgstr "Impossible de supprimer le répertoire utilisateur : %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" +#: src/tools/sss_userdel.c:326 +msgid "" +"No such user in local domain. Removing users only allowed in local domain.\n" msgstr "" +"Aucun utilisateur dans le domaine local. La suppression des utilisateurs " +"n'est autorisée que dans le domaine local.\n" -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "Adresse du serveur Active Directory" +#: src/tools/sss_userdel.c:331 +msgid "Internal error. Could not remove user.\n" +msgstr "Erreur interne. Impossible de supprimer l'utilisateur.\n" -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "Adresse du serveur Active Directory de secours" +#: src/tools/sss_usermod.c:49 +msgid "The GID of the user" +msgstr "Le GID de l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "Nom de système du client Active Directory" +#: src/tools/sss_usermod.c:53 +msgid "Groups to add this user to" +msgstr "Groupes auxquels ajouter cet utilisateur" -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "Filtre LDAP pour déterminer les autorisations d'accès" +#: src/tools/sss_usermod.c:54 +msgid "Groups to remove this user from" +msgstr "Groupes auxquels enlever cet utilisateur" -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "Choisir d'utiliser ou non le catalogue global pour les recherches" +#: src/tools/sss_usermod.c:55 +msgid "Lock the account" +msgstr "Verrouiller le compte" -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "Mode opératoire pour les contrôles d'accès basé sur les GPO" +#: src/tools/sss_usermod.c:56 +msgid "Unlock the account" +msgstr "Déverrouiller le compte" -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" -"Durée entre les recherches de fichiers de politiques de GPO dans le serveur " -"AD" +#: src/tools/sss_usermod.c:57 +msgid "Add an attribute/value pair. The format is attrname=value." +msgstr "Ajouter une paire attribut/valeur. Le format est nom_attribut=valeur." -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" +#: src/tools/sss_usermod.c:58 +msgid "Delete an attribute/value pair. The format is attrname=value." msgstr "" -"Noms de services PAM correspondant à la configuration de la politique " -"(Deny)InteractiveLogonRight de la GPO" +"Supprimer une paire attribut/valeur. Le format est nom_attribut=valeur." -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/tools/sss_usermod.c:59 msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" +"Set an attribute to a name/value pair. The format is attrname=value. For " +"multi-valued attributes, the command replaces the values already present" msgstr "" -"Noms de services PAM correspondant à la configuration de la politique " -"(Deny)RemoteInteractiveLogonRight de la GPO" +"Définir une paire attribut/valeur. Le format est nom_attribut=valeur. Pour " +"les attributs multi-valués, la commande remplace les valeurs déjà présentes." -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" -"Noms de services PAM correspondant à la configuration de la politique " -"(Deny)NetworkLogonRight de la GPO" +#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 +#: src/tools/sss_usermod.c:135 +msgid "Specify the attribute name/value pair(s)\n" +msgstr "Indiquer les paires nom d'attributs et valeurs.\n" -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" -"Noms de services PAM correspondant à la configuration de la politique " -"(Deny)BatchLogonRight de la GPO" +#: src/tools/sss_usermod.c:152 +msgid "Specify user to modify\n" +msgstr "Spécifier l'utilisateur à modifier\n" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/tools/sss_usermod.c:180 msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" +"Cannot find user in local domain, modifying users is allowed only in local " +"domain\n" msgstr "" -"Noms de services PAM correspondant à la configuration de la politique " -"(Deny)ServiceLogonRight de la GPO" +"Impossible de trouver l'utilisateur dans le domaine local, la modification " +"des utilisateurs n'est autorisée que dans le domaine local\n" -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" +#: src/tools/sss_usermod.c:322 +msgid "Could not modify user - check if group names are correct\n" msgstr "" -"Noms de services PAM pour lesquels les accès s'appuyant sur la GPO sont " -"toujours autorisés" +"Impossible de modifier l'utilisateur - vérifiez que les noms de groupe sont " +"corrects\n" -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" +#: src/tools/sss_usermod.c:326 +msgid "Could not modify user - user already member of groups?\n" msgstr "" -"Noms de services PAM pour lesquels les accès s'appuyant sur la GPO sont " -"toujours interdits" +"Impossible de modifier l'utilisateur - l'utilisateur est déjà membre du " +"groupe ?\n" -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" -"Droit de connexion par défaut (ou permission/interdiction) à utiliser pour " -"les noms de services sans correspondance" +#: src/tools/sss_usermod.c:330 +msgid "Transaction error. Could not modify user.\n" +msgstr "Erreur de transaction. Impossible de modifier l'utlisateur.\n" -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "un site particulier utilisé par le client" +#: src/tools/sss_cache.c:245 +msgid "No cache object matched the specified search\n" +msgstr "Aucun object trouvé dans le cache pour la recherche spécifiée\n" -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" +#: src/tools/sss_cache.c:536 +#, c-format +msgid "Couldn't invalidate %1$s\n" +msgstr "Impossible d'invalider %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" +#: src/tools/sss_cache.c:543 +#, c-format +msgid "Couldn't invalidate %1$s %2$s\n" +msgstr "Impossible d'invalider %1$s %2$s\n" -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Adresse du serveur Kerberos" +#: src/tools/sss_cache.c:721 +msgid "Invalidate all cached entries" +msgstr "Invalidez toutes les entrées en cache" -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "Adresse du serveur Kerberos de secours" +#: src/tools/sss_cache.c:723 +msgid "Invalidate particular user" +msgstr "Invalider un utilisateur spécifique" -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Domaine Kerberos" +#: src/tools/sss_cache.c:725 +msgid "Invalidate all users" +msgstr "Invalider tous les utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Délai avant expiration de l'authentification" +#: src/tools/sss_cache.c:727 +msgid "Invalidate particular group" +msgstr "Invalider un groupe particulier" -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "Choisir de créer ou non les fichiers kdcinfo" +#: src/tools/sss_cache.c:729 +msgid "Invalidate all groups" +msgstr "Invalider tous les groupes" -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "Où déposer les extraits de configuration krb5" +#: src/tools/sss_cache.c:731 +msgid "Invalidate particular netgroup" +msgstr "Invalider un groupe réseau particulier" -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Répertoire pour stocker les caches de crédits" +#: src/tools/sss_cache.c:733 +msgid "Invalidate all netgroups" +msgstr "Invalider tous les groupes réseau" -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Emplacement du cache de crédits de l'utilisateur" +#: src/tools/sss_cache.c:735 +msgid "Invalidate particular service" +msgstr "Invalidation d'un service particulier" -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Emplacement du fichier keytab de validation des crédits" +#: src/tools/sss_cache.c:737 +msgid "Invalidate all services" +msgstr "Invalidation de tous les services" -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Activer la validation des crédits" +#: src/tools/sss_cache.c:740 +msgid "Invalidate particular autofs map" +msgstr "Invalidation d'une carte autofs particulière" -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" -"Stocker le mot de passe, si hors-ligne, pour une authentification ultérieure " -"en ligne" +#: src/tools/sss_cache.c:742 +msgid "Invalidate all autofs maps" +msgstr "Invalidation de toutes les cartes autofs" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "Durée de vie renouvelable du TGT" +#: src/tools/sss_cache.c:746 +msgid "Invalidate particular SSH host" +msgstr "Invalider un hôte SSH particulier" -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "Durée de vie du TGT" +#: src/tools/sss_cache.c:748 +msgid "Invalidate all SSH hosts" +msgstr "Invalider tous les hôtes SSH" -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "Durée entre deux vérifications pour le renouvellement" +#: src/tools/sss_cache.c:752 +msgid "Invalidate particular sudo rule" +msgstr "Invalider une règle sudo particulière" -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "Active FAST" +#: src/tools/sss_cache.c:754 +msgid "Invalidate all cached sudo rules" +msgstr "Invalider toutes les règles sudo en cache" -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "Sélectionne le principal à utiliser avec FAST" +#: src/tools/sss_cache.c:757 +msgid "Only invalidate entries from a particular domain" +msgstr "N'invalider des entrées que d'un domaine spécifique" -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "Active la canonisation du principal" +#: src/tools/sss_cache.c:811 +msgid "" +"Unexpected argument(s) provided, options that invalidate a single object " +"only accept a single provided argument.\n" +msgstr "" +"Argument(s) inattendu(s) fourni(s), les options qui invalident un seul objet " +"n'acceptent qu'un seul argument fourni.\n" -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "Active les principals d'entreprise" +#: src/tools/sss_cache.c:821 +msgid "Please select at least one object to invalidate\n" +msgstr "Merci de sélectionner au moins un objet à invalider\n" -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" +#: src/tools/sss_cache.c:904 +#, c-format +msgid "" +"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " +"use fully qualified name instead of --domain/-d parameter.\n" msgstr "" +"Impossible d'ouvrir le domaine %1$s. Si le domaine est un sous-domaine " +"(domaine approuvé), utiliser le nom pleinement qualifié au lieu du paramètre " +"--domain/-d.\n" + +#: src/tools/sss_cache.c:909 +msgid "Could not open available domains\n" +msgstr "Impossible d'ouvrir aucun des domaines disponibles\n" -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" +#: src/tools/tools_util.c:202 +#, c-format +msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" msgstr "" -"Serveur où tourne le service de changement de mot de passe s'il n'est pas " -"sur le KDC" +"Le nom « %1$s » ne semble pas être un FQDN (« %2$s = TRUE » est configuré)\n" -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, l'adresse du serveur LDAP" +#: src/tools/tools_util.c:309 +msgid "Out of memory\n" +msgstr "Mémoire saturée\n" -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "ldap_backup_uri, l'URI du serveur LDAP" +#: src/tools/tools_util.h:40 +#, c-format +msgid "%1$s must be run as root\n" +msgstr "%1$s doit être lancé en tant que root\n" -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "La base DN par défaut" +#: src/tools/sssctl/sssctl.c:35 +msgid "yes" +msgstr "oui" -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Le type de schéma utilisé sur le serveur LDAP, rfc2307" +#: src/tools/sssctl/sssctl.c:37 +msgid "no" +msgstr "non" -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" +#: src/tools/sssctl/sssctl.c:39 +msgid "error" +msgstr "erreur" -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "Le DN de connexion par défaut" +#: src/tools/sssctl/sssctl.c:42 +msgid "Invalid result." +msgstr "Résultat non valide." -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "Le type de jeton d'authentification du DN de connexion par défaut" +#: src/tools/sssctl/sssctl.c:78 +msgid "Unable to read user input\n" +msgstr "Impossible de lire l'entrée de l'utilisateur\n" -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "Le jeton d'authentification du DN de connexion par défaut" +#: src/tools/sssctl/sssctl.c:91 +#, c-format +msgid "Invalid input, please provide either '%s' or '%s'.\n" +msgstr "Entrée non valable, veuillez fournir %s ou %s\n" -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Durée pendant laquelle il sera tenté d'établir la connexion" +#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 +msgid "Error while executing external command\n" +msgstr "Erreur lors de l'exécution d'une commande externe\n" -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Durée pendant laquelle il sera tenté des opérations LDAP synchrones" +#: src/tools/sssctl/sssctl.c:156 +msgid "SSSD needs to be running. Start SSSD now?" +msgstr "Le SSSD doit être exécuté. Démarrer le SSSD maintenant ?" -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "Durée d'attente entre deux essais de reconnexion en mode hors-ligne" +#: src/tools/sssctl/sssctl.c:195 +msgid "SSSD must not be running. Stop SSSD now?" +msgstr "" +"Le SSSD ne doit pas être en cours d'exécution. Arrêter le SSSD maintenant ?" -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "N'utiliser que des majuscules pour les noms de domaine" +#: src/tools/sssctl/sssctl.c:231 +msgid "SSSD needs to be restarted. Restart SSSD now?" +msgstr "Le SSSD doit être relancé. Redémarrer SSSD maintenant ?" -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Fichier contenant les certificats des CA" +#: src/tools/sssctl/sssctl_cache.c:31 +#, c-format +msgid " %s is not present in cache.\n" +msgstr " %s n'est pas présent dans le cache.\n" -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Chemin vers le répertoire de certificats des CA" +#: src/tools/sssctl/sssctl_cache.c:33 +msgid "Name" +msgstr "Nom" -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "Fichier contenant le certificat client" +#: src/tools/sssctl/sssctl_cache.c:34 +msgid "Cache entry creation date" +msgstr "Date de création de l'entrée en cache" -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "Fichier contenant la clé du client" +#: src/tools/sssctl/sssctl_cache.c:35 +msgid "Cache entry last update time" +msgstr "Heure de la dernière mise à jour de l'entrée du cache" -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "Liste des suites de chiffrement possibles" +#: src/tools/sssctl/sssctl_cache.c:36 +msgid "Cache entry expiration time" +msgstr "Temps d'expiration de l'entrée du cache" -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Requiert une vérification de certificat TLS" +#: src/tools/sssctl/sssctl_cache.c:37 +msgid "Cached in InfoPipe" +msgstr "Mise en cache dans InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Spécifier le mécanisme SASL à utiliser" +#: src/tools/sssctl/sssctl_cache.c:522 +#, c-format +msgid "Error: Unable to get object [%d]: %s\n" +msgstr "Erreur : Impossible d'obtenir l'objet [%d] : %s\n" -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Spécifier l'identité d'authorisation SASL à utiliser" +#: src/tools/sssctl/sssctl_cache.c:538 +#, c-format +msgid "%s: Unable to read value [%d]: %s\n" +msgstr "%s: Impossible de lire la valeur [%d] : %s\n" -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "Spécifier le domaine d'authorisation SASL à utiliser" +#: src/tools/sssctl/sssctl_cache.c:566 +msgid "Specify name." +msgstr "Indiquez le nom." -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "Spécifie le minimum SSF pour l'autorisation sasl LDAP" +#: src/tools/sssctl/sssctl_cache.c:576 +#, c-format +msgid "Unable to parse name %s.\n" +msgstr "Impossible d'analyser le nom %s.\n" -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Service du fichier keytab de Kerberos" +#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 +msgid "Search by SID" +msgstr "Recherche par SID" -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Utiliser l'authentification Kerberos pour la connexion LDAP" +#: src/tools/sssctl/sssctl_cache.c:603 +msgid "Search by user ID" +msgstr "Recherche par ID utilisateur" -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Suivre les référents LDAP" +#: src/tools/sssctl/sssctl_cache.c:612 +msgid "Initgroups expiration time" +msgstr "Délai d'expiration des initgroups" -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "Durée de vie du TGT pour la connexion LDAP" +#: src/tools/sssctl/sssctl_cache.c:650 +msgid "Search by group ID" +msgstr "Recherche par ID de groupe" -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "Comment déréférencer les alias" +#: src/tools/sssctl/sssctl_config.c:70 +#, c-format +msgid "Failed to open %s\n" +msgstr "N’a pas pu ouvrir %s\n" -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "Nom du service pour les recherches DNS" +#: src/tools/sssctl/sssctl_config.c:75 +#, c-format +msgid "File %1$s does not exist.\n" +msgstr "Le fichier %1$s n’existe pas.\n" -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "Le nombre d'enregistrements à récupérer dans une requête LDAP unique" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" -"Nombre de membres qui doivent être manquants pour activer un déréférencement " -"complet" - -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/tools/sssctl/sssctl_config.c:79 msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" -"Est-ce que la bibliothèque LDAP doit effectuer une requête pour canoniser le " -"nom d'hôte pendant une connexion SASL ?" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "attribut entryUSN" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "attribut lastUSN" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" +"File ownership and permissions check failed. Expected root:root and 0600.\n" msgstr "" -"Combien de temps conserver la connexion au serveur LDAP avant de se " -"déconnecter" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "Désactiver le contrôle des pages LDAP" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "Désactiver la récupération de plage Active Directory." - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Durée d'attente pour une requête de recherche" +"La vérification de la propriété et des permissions des fichiers a échoué. " +"Attendue : root:root et 0600.\n" -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "Durée d'attente pour une requête d'énumération" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Durée entre deux mises à jour d'énumération" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "Durée entre les nettoyages de cache" +#: src/tools/sssctl/sssctl_config.c:85 +#, fuzzy, c-format +msgid "Failed to load configuration from %s.\n" +msgstr "Echec du chargement de la configuration à partir de %s.\n" -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "TLS est requis pour les recherches d'identifiants" +#: src/tools/sssctl/sssctl_config.c:91 +msgid "Error while reading configuration directory.\n" +msgstr "Erreur lors de la lecture du répertoire de configuration.\n" -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#: src/tools/sssctl/sssctl_config.c:99 +msgid "" +"There is no configuration. SSSD will use default configuration with files " +"provider.\n" msgstr "" -"Utilisation de la correspondance d'ID pour les objectSID au lieu d'ID pré-" -"établis" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "Base DN pour les recherches d'utilisateurs" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Scope des recherches d'utilisateurs" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Filtre pour les recherches d'utilisateurs" +"Il n'y a pas de configuration. SSSD utilisera la configuration par défaut " +"avec le fournisseur de fichiers.\n" -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Classe d'objet pour les utilisateurs" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Attribut de nom d'utilisateur" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "Attribut UID" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Attribut de GID primaire" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "Attribut GECOS" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Attribut de répertoire utilisateur" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Attribut d'interpréteur de commandes" +#: src/tools/sssctl/sssctl_config.c:111 +msgid "Failed to run validators" +msgstr "Échec de l'exécution des validateurs" -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "attribut UUID" +#: src/tools/sssctl/sssctl_config.c:115 +#, c-format +msgid "Issues identified by validators: %zu\n" +msgstr "Problèmes identifiés par les validateurs : %zu\n" -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "attribut objectSID" +#: src/tools/sssctl/sssctl_config.c:126 +#, c-format +msgid "Messages generated during configuration merging: %zu\n" +msgstr "Messages générés lors de la fusion des configurations : %zu\n" -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "Groupe primaire Active Directory pour la correspondance d'ID" +#: src/tools/sssctl/sssctl_config.c:137 +#, c-format +msgid "Used configuration snippet files: %zu\n" +msgstr "Fichiers de configuration utilisés : %zu\n" -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Attribut d'utilisateur principal (pour Kerberos)" +#: src/tools/sssctl/sssctl_data.c:89 +#, c-format +msgid "Unable to create backup directory [%d]: %s" +msgstr "Impossible de créer le répertoire de sauvegarde [%d]: %s" -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Nom complet" +#: src/tools/sssctl/sssctl_data.c:95 +msgid "SSSD backup of local data already exists, override?" +msgstr "La sauvegarde SSSD des données locales existe déjà, la remplacer ?" -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "Attribut memberOf" +#: src/tools/sssctl/sssctl_data.c:111 +msgid "Unable to export user overrides\n" +msgstr "Impossible d'exporter les substitutions d'utilisateur\n" -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Attribut de date de modification" +#: src/tools/sssctl/sssctl_data.c:118 +msgid "Unable to export group overrides\n" +msgstr "Impossible d'exporter les substitutions de groupes\n" -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "Attribut shadowLastChange" +#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 +msgid "Override existing backup" +msgstr "Remplacer la sauvegarde existante" -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "Attribut shadowMin" +#: src/tools/sssctl/sssctl_data.c:164 +msgid "Unable to import user overrides\n" +msgstr "Impossible d'importer les substitutions d'utilisateur\n" -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "Attribut shadowMax" +#: src/tools/sssctl/sssctl_data.c:173 +msgid "Unable to import group overrides\n" +msgstr "Impossible d'importer les substitutions de groupes\n" -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "Attribut shadowWarning" +#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 +#: src/tools/sssctl/sssctl_domains.c:328 +msgid "Start SSSD if it is not running" +msgstr "Démarrer SSSD s'il n'est pas en cours d'exécution" -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "Attribut shadowInactive" +#: src/tools/sssctl/sssctl_data.c:195 +msgid "Restart SSSD after data import" +msgstr "Redémarrer SSSD après l'importation des données" -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "Attribut shadowExpire" +#: src/tools/sssctl/sssctl_data.c:218 +msgid "Create clean cache files and import local data" +msgstr "Créer des fichiers de cache propres et importer des données locales" -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "Attribut shadowFlag" +#: src/tools/sssctl/sssctl_data.c:219 +msgid "Stop SSSD before removing the cache" +msgstr "Arrêtez SSSD avant de supprimer le cache" -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "Attribut listant les services PAM autorisés" +#: src/tools/sssctl/sssctl_data.c:220 +msgid "Start SSSD when the cache is removed" +msgstr "Démarrer SSSD lorsque le cache est supprimé" -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "Attribut listant les systèmes serveurs autorisés" +#: src/tools/sssctl/sssctl_data.c:235 +msgid "Creating backup of local data...\n" +msgstr "Création d'une sauvegarde des données locales...\n" -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" +#: src/tools/sssctl/sssctl_data.c:238 +msgid "Unable to create backup of local data, can not remove the cache.\n" msgstr "" +"Impossible de créer une sauvegarde des données locales, impossible de " +"supprimer le cache.\n" -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "Attribut krbLastPwdChange" +#: src/tools/sssctl/sssctl_data.c:243 +msgid "Removing cache files...\n" +msgstr "Suppression des fichiers de cache...\n" -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "Attribut krbPasswordExpiration" +#: src/tools/sssctl/sssctl_data.c:246 +msgid "Unable to remove cache files\n" +msgstr "Impossible de supprimer les fichiers de cache\n" -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" -"Attribut indiquant que la stratégie de mot de passe du serveur est active" +#: src/tools/sssctl/sssctl_data.c:251 +msgid "Restoring local data...\n" +msgstr "Restauration des données locales...\n" -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "Attribut AD accountExpires" +#: src/tools/sssctl/sssctl_domains.c:83 +msgid "Show domain list including primary or trusted domain type" +msgstr "" +"Afficher la liste des domaines, y compris le type de domaine principal ou de " +"confiance" -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "Attribut AD userAccountControl" +#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 +#: src/tools/sssctl/sssctl_user_checks.c:95 +msgid "Unable to connect to system bus!\n" +msgstr "Impossible de se connecter au bus système !\n" -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "Attribut nsAccountLock" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Online" +msgstr "En ligne" -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "Attribut NDS loginDisabled" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Offline" +msgstr "Hors ligne" -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "Attribut NDS loginExpirationTime" +#: src/tools/sssctl/sssctl_domains.c:167 +#, c-format +msgid "Online status: %s\n" +msgstr "Statut en ligne : %s\n" -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "Attribut NDS loginAllowedTimeMap" +#: src/tools/sssctl/sssctl_domains.c:213 +msgid "This domain has no active servers.\n" +msgstr "Ce domaine n'a pas de serveurs actifs.\n" -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "Attribut de clé public SSH" +#: src/tools/sssctl/sssctl_domains.c:218 +msgid "Active servers:\n" +msgstr "Serveurs actifs :\n" -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" -"attribut énumérant les types d'authentification autorisés pour un utilisateur" +#: src/tools/sssctl/sssctl_domains.c:230 +msgid "not connected" +msgstr "non connecté" -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "attribut contenant le certificat X509 de l'utilisateur" +#: src/tools/sssctl/sssctl_domains.c:267 +msgid "No servers discovered.\n" +msgstr "Aucun serveur découvert.\n" -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" +#: src/tools/sssctl/sssctl_domains.c:273 +#, c-format +msgid "Discovered %s servers:\n" +msgstr "%s serveurs découverts :\n" -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" -"Une liste des attributs supplémentaires à télécharger avec l'entrée de " -"l'utilisateur" +#: src/tools/sssctl/sssctl_domains.c:285 +msgid "None so far.\n" +msgstr "Aucun pour l'instant.\n" -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "DN de base pour les recherches de groupes" +#: src/tools/sssctl/sssctl_domains.c:325 +msgid "Show online status" +msgstr "Afficher le statut en ligne" -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "Classe d'objet pour les groupes" +#: src/tools/sssctl/sssctl_domains.c:326 +msgid "Show information about active server" +msgstr "Afficher les informations sur le serveur actif" -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Nom du groupe" +#: src/tools/sssctl/sssctl_domains.c:327 +msgid "Show list of discovered servers" +msgstr "Afficher la liste des serveurs découverts" -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Mot de passe du groupe" +#: src/tools/sssctl/sssctl_domains.c:333 +msgid "Specify domain name." +msgstr "Indiquer le nom de domaine." -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "Attribut GID" +#: src/tools/sssctl/sssctl_domains.c:355 +msgid "Out of memory!\n" +msgstr "Plus de mémoire disponible !\n" -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "Attribut membre du groupe" +#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 +msgid "Unable to get online status\n" +msgstr "Impossible d'obtenir le statut en ligne\n" -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "attribut de l'UUID du groupe" +#: src/tools/sssctl/sssctl_domains.c:395 +msgid "Unable to get server list\n" +msgstr "Impossible d'obtenir la liste des serveurs\n" -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "Attribut de date de modification pour les groupes" +#: src/tools/sssctl/sssctl_logs.c:46 +msgid "\n" +msgstr "\n" -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "Type de groupe et autres indicateurs" +#: src/tools/sssctl/sssctl_logs.c:236 +msgid "Delete log files instead of truncating" +msgstr "Supprimer les fichiers de log au lieu de tronquer" -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" +#: src/tools/sssctl/sssctl_logs.c:247 +msgid "Deleting log files...\n" +msgstr "Suppression des fichiers journaux...\n" -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" +#: src/tools/sssctl/sssctl_logs.c:250 +msgid "Unable to remove log files\n" +msgstr "Impossible de supprimer les fichiers journaux\n" -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "DN de base pour les recherches de netgroup" +#: src/tools/sssctl/sssctl_logs.c:256 +msgid "Truncating log files...\n" +msgstr "Troncature des fichiers de journalisation...\n" -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "Classe d'objet pour les groupes réseau" +#: src/tools/sssctl/sssctl_logs.c:259 +msgid "Unable to truncate log files\n" +msgstr "Impossible de tronquer les fichiers de journalisation\n" -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "Nom du groupe réseau" +#: src/tools/sssctl/sssctl_logs.c:285 +msgid "Out of memory!" +msgstr "Plus de mémoire disponible !" -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "Attribut des membres des groupes réseau" +#: src/tools/sssctl/sssctl_logs.c:288 +#, c-format +msgid "Archiving log files into %s...\n" +msgstr "Archivage des fichiers journaux dans %s...\n" -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "Attribut triplet du groupe réseau" +#: src/tools/sssctl/sssctl_logs.c:291 +msgid "Unable to archive log files\n" +msgstr "Impossible d'archiver les fichiers journaux\n" -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "Attribut date de modification pour les groupes réseau" +#: src/tools/sssctl/sssctl_logs.c:316 +msgid "Specify debug level you want to set" +msgstr "Spécifiez le niveau de débogage que vous souhaitez définir" -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "Nom de domaine (DN) de base pour les recherches de service" +#: src/tools/sssctl/sssctl_user_checks.c:117 +msgid "SSSD InfoPipe user lookup result:\n" +msgstr "Résultat de la recherche de l'utilisateur SSSD InfoPipe :\n" -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "Classe objet pour les services" +#: src/tools/sssctl/sssctl_user_checks.c:167 +#, c-format +msgid "dlopen failed with [%s].\n" +msgstr "dlopen a échoué avec [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "Attribut de nom de service" +#: src/tools/sssctl/sssctl_user_checks.c:174 +#, c-format +msgid "dlsym failed with [%s].\n" +msgstr "dlopen a échoué avec [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "Attribut de port du service" +#: src/tools/sssctl/sssctl_user_checks.c:182 +msgid "malloc failed.\n" +msgstr "malloc a échoué.\n" -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "Attribut de service du protocole" +#: src/tools/sssctl/sssctl_user_checks.c:189 +#, c-format +msgid "sss_getpwnam_r failed with [%d].\n" +msgstr "sss_getpwnam_r a échoué avec [%d].\n" -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "Limite inférieure pour la correspondance d'ID" +#: src/tools/sssctl/sssctl_user_checks.c:194 +msgid "SSSD nss user lookup result:\n" +msgstr "Résultat de la recherche de l'utilisateur SSSD nss :\n" -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "Limite supérieure pour la correspondance d'ID" +#: src/tools/sssctl/sssctl_user_checks.c:195 +#, c-format +msgid " - user name: %s\n" +msgstr " - user name: %s\n" -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "Nombre d'ID par tranche pour la correspondance d'ID" +#: src/tools/sssctl/sssctl_user_checks.c:196 +#, c-format +msgid " - user id: %d\n" +msgstr " - user id: %d\n" -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" -"Utilisation d'un algorithme compatible autorid pour la correspondance d'ID" +#: src/tools/sssctl/sssctl_user_checks.c:197 +#, c-format +msgid " - group id: %d\n" +msgstr " - group id: %d\n" -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "Nom du domaine par défaut pour la correspondance d'ID" +#: src/tools/sssctl/sssctl_user_checks.c:198 +#, c-format +msgid " - gecos: %s\n" +msgstr " - gecos: %s\n" -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "SID du domaine par défaut pour la correspondance d'ID" +#: src/tools/sssctl/sssctl_user_checks.c:199 +#, c-format +msgid " - home directory: %s\n" +msgstr " - home directory: %s\n" -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" +#: src/tools/sssctl/sssctl_user_checks.c:200 +#, c-format +msgid "" +" - shell: %s\n" +"\n" msgstr "" +" - shell: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "Choisir d'utiliser ou non les groupes de jetons" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" -"Définir la limite inférieure d'identifiants autorisés pour l'annuaire LDAP" +#: src/tools/sssctl/sssctl_user_checks.c:232 +msgid "PAM action [auth|acct|setc|chau|open|clos], default: " +msgstr "Action PAM [auth|acct|setc|chau|open|clos], par défaut : " -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" -"Définir la limite supérieure d'identifiants autorisés pour l'annuaire LDAP" +#: src/tools/sssctl/sssctl_user_checks.c:235 +msgid "PAM service, default: " +msgstr "Service PAM, par défaut : " -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "DN pour les requêtes sur ppolicy" +#: src/tools/sssctl/sssctl_user_checks.c:240 +msgid "Specify user name." +msgstr "Spécifiez le nom d'utilisateur." -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" +#: src/tools/sssctl/sssctl_user_checks.c:247 +#, c-format +msgid "" +"user: %s\n" +"action: %s\n" +"service: %s\n" +"\n" msgstr "" +"utilisateur: %s\n" +"action: %s\n" +"service: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Stratégie d'évaluation de l'expiration du mot de passe" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "Quels attributs utiliser pour déterminer si un compte a expiré" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "Quelles règles utiliser pour évaluer le contrôle d'accès" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "URI d'un serveur LDAP où les changements de mot de passe sont acceptés" +#: src/tools/sssctl/sssctl_user_checks.c:252 +#, c-format +msgid "User name lookup with [%s] failed.\n" +msgstr "La recherche de nom d'utilisateur avec [%s] a échoué.\n" -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" -"URI d'un serveur LDAP de secours où sont autorisées les modifications de mot " -"de passe" +#: src/tools/sssctl/sssctl_user_checks.c:257 +#, c-format +msgid "InfoPipe User lookup with [%s] failed.\n" +msgstr "La recherche de l'utilisateur InfoPipe avec [%s] a échoué.\n" -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "Nom du service DNS pour le serveur de changement de mot de passe LDAP" +#: src/tools/sssctl/sssctl_user_checks.c:263 +#, c-format +msgid "pam_start failed: %s\n" +msgstr "pam_start a échoué : %s\n" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/tools/sssctl/sssctl_user_checks.c:268 msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" +"testing pam_authenticate\n" +"\n" msgstr "" -"Choix de mise à jour de l'attribut ldap_user_shadow_last_change après un " -"changement de mot de passe" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "Nom de domaine (DN) de base pour les recherches de règles sudo" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "Périodicité de rafraichissement total" +"test de pam_authenticate\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "Périodicité de rafraichissement intelligent" +#: src/tools/sssctl/sssctl_user_checks.c:272 +#, c-format +msgid "pam_get_item failed: %s\n" +msgstr "pam_get_item a échoué : %s\n" -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "Filter ou non sur les noms de systèmes, adresses IP et réseaux" +#: src/tools/sssctl/sssctl_user_checks.c:275 +#, c-format +msgid "" +"pam_authenticate for user [%s]: %s\n" +"\n" +msgstr "pam_authenticate pour l'utilisateur [%s] : %s\n" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/tools/sssctl/sssctl_user_checks.c:278 msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" +"testing pam_chauthtok\n" +"\n" msgstr "" -"Noms de systèmes et/ou noms pleinement qualifiés de cette machine pour " -"filtrer les règles sudo" +"test pam_chauthtok\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +#: src/tools/sssctl/sssctl_user_checks.c:280 +#, c-format +msgid "" +"pam_chauthtok: %s\n" +"\n" msgstr "" -"Adresses ou réseaux IPv4 ou IPv6 de cette machine pour filtrer les règles " -"sudo" +"pam_chauthtok: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" +#: src/tools/sssctl/sssctl_user_checks.c:282 +msgid "" +"testing pam_acct_mgmt\n" +"\n" msgstr "" -"Inclure ou non les règles qui contiennent un netgroup dans l'attribut host" +"test de pam_acct_mgmt\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/tools/sssctl/sssctl_user_checks.c:284 +#, c-format msgid "" -"Whether to include rules that contains regular expression in host attribute" +"pam_acct_mgmt: %s\n" +"\n" msgstr "" -"Inclure ou non les règles qui contiennent une expression rationnelle dans " -"l'attribut host" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "Classe objet pour les règles sudo" +"pam_acct_mgmt: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" +#: src/tools/sssctl/sssctl_user_checks.c:286 +msgid "" +"testing pam_setcred\n" +"\n" msgstr "" +"test de pam_setcred\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "Règle de nom sudo" +#: src/tools/sssctl/sssctl_user_checks.c:288 +#, c-format +msgid "" +"pam_setcred: [%s]\n" +"\n" +msgstr "" +"pam_setcred: [%s]\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "Attribut de commande de règle sudo" +#: src/tools/sssctl/sssctl_user_checks.c:290 +msgid "" +"testing pam_open_session\n" +"\n" +msgstr "" +"test pam_open_session\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "Attribut hôte de la règle sudo" +#: src/tools/sssctl/sssctl_user_checks.c:292 +#, c-format +msgid "" +"pam_open_session: %s\n" +"\n" +msgstr "" +"pam_open_session: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "Attribut utilisateur de la règle sudo" +#: src/tools/sssctl/sssctl_user_checks.c:294 +msgid "" +"testing pam_close_session\n" +"\n" +msgstr "" +"test pam_close_session\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "Attribut option de la règle sudo" +#: src/tools/sssctl/sssctl_user_checks.c:296 +#, c-format +msgid "" +"pam_close_session: %s\n" +"\n" +msgstr "" +"pam_close_session: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "Attribut de règle sudo runas" +#: src/tools/sssctl/sssctl_user_checks.c:298 +msgid "unknown action\n" +msgstr "action inconnue\n" -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "Attribut runasuser de la règle sudo" +#: src/tools/sssctl/sssctl_user_checks.c:301 +msgid "PAM Environment:\n" +msgstr "Environnement PAM :\n" -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "Attribut runasgroup de la règle sudo" +#: src/tools/sssctl/sssctl_user_checks.c:309 +msgid " - no env -\n" +msgstr " - no env -\n" -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "Attribut notbefore de la règle sudo" +#: src/util/util.h:82 +msgid "The user ID to run the server as" +msgstr "L'identifiant utilisateur sous lequel faire tourner le serveur" -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "Attribut notafter de règle sudo" +#: src/util/util.h:84 +msgid "The group ID to run the server as" +msgstr "L'identifiant de groupe sous lequel faire tourner le serveur" -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "Attribut d'ordre de règle sudo" +#: src/util/util.h:92 +msgid "Informs that the responder has been socket-activated" +msgstr "Informe que le répondeur a été activé par un socket" -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "Classe objet pour la carte de montage automatique" +#: src/util/util.h:94 +msgid "Informs that the responder has been dbus-activated" +msgstr "Informe que le répondeur a été activé par un dbus" -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "Nom de l'attribut de carte de montage automatique" +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Définir le niveau de détails de la sortie de débogage" -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "Classe objet pour l'entrée de référence de montage automatique" +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Ajouter l'horodatage dans les fichiers de débogage" -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "Attribut de clé d'entrée pour la carte de montage automatique" +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "" +#~ "Ajouter les microsecondes pour l'horodatage dans les journaux de débogage" -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "Attribut de valeur pour la carte de montage automatique" +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Écrire les messages de débogage dans les journaux" -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "Base DN pour les requêtes de carte de montage automatique" +#~ msgid "Watchdog timeout before restarting service" +#~ msgstr "Délai de surveillance avant le redémarrage du service" -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Liste, séparée par des virgules, d'utilisateurs autorisés" +#~ msgid "Command to start service" +#~ msgstr "Commande pour démarrer le service" -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Liste, séparée par des virgules, d'utilisateurs interdits" +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "" +#~ "Nombre d'essais pour tenter de se connecter au fournisseur de données" -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Interpréteur de commande par défaut : /bin/bash" +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "" +#~ "Le nombre de descripteurs de fichiers qui peuvent être ouverts par ce " +#~ "répondeur" -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Base pour les répertoires utilisateur" +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "durée d'inactivité avant la déconnexion automatique d'un client" -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" +#~ msgid "Idle time before automatic shutdown of the responder" +#~ msgstr "Temps d'inactivité avant l'arrêt automatique du répondeur" -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "Nom de la bibliothèque NSS à utiliser" +#~ msgid "Always query all the caches before querying the Data Providers" +#~ msgstr "" +#~ "Interrogez toujours tous les caches avant d'interroger les fournisseurs " +#~ "de données" -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "Rechercher le nom canonique du groupe dans le cache si possible" +#~ msgid "SSSD Services to start" +#~ msgstr "Services SSSD à démarrer" -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "Pile PAM à utiliser" +#~ msgid "SSSD Domains to start" +#~ msgstr "Domaines SSSD à démarrer" -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Délai d'attente pour les messages à envoyer à travers SBUS" -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" +#~ msgid "Regex to parse username and domain" +#~ msgstr "" +#~ "Expression rationnelle d'analyse des noms d'utilisateur et de domaine" -#: src/monitor/monitor.c:2355 -msgid "Become a daemon (default)" -msgstr "Devenir un démon (par défaut)" +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "" +#~ "Format compatible printf d'affichage des noms complétement qualifiés" -#: src/monitor/monitor.c:2357 -msgid "Run interactive (not a daemon)" -msgstr "Fonctionner en interactif (non démon)" +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "" +#~ "Répertoire du système de fichiers où SSSD doit stocker les fichiers de " +#~ "relecture de Kerberos." -#: src/monitor/monitor.c:2360 -msgid "Disable netlink interface" -msgstr "" +#~ msgid "Domain to add to names without a domain component." +#~ msgstr "Domaine à ajouter aux noms sans composant de nom de domaine." -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 -msgid "Specify a non-default config file" -msgstr "Définir un fichier de configuration différent de celui par défaut" +#~ msgid "The user to drop privileges to" +#~ msgstr "L'utilisation vers lequel abandonner les privilèges" -#: src/monitor/monitor.c:2364 -msgid "Refresh the configuration database, then exit" -msgstr "" +#~ msgid "Tune certificate verification" +#~ msgstr "Régler la vérification du certificat" -#: src/monitor/monitor.c:2367 -msgid "Similar to --genconf, but only refreshes the given section" -msgstr "" +#~ msgid "" +#~ "All spaces in group or user names will be replaced with this character" +#~ msgstr "" +#~ "Tous les espaces dans les noms de groupes ou d'utilisateurs seront " +#~ "remplacés par ce caractère" -#: src/monitor/monitor.c:2370 -msgid "Print version number and exit" -msgstr "Afficher le numéro de version et quitte" +#~ msgid "Tune sssd to honor or ignore netlink state changes" +#~ msgstr "" +#~ "Régler sssd pour honorer ou ignorer les changements d'état du netlink" -#: src/monitor/monitor.c:2514 -msgid "SSSD is already running\n" -msgstr "" +#~ msgid "Enable or disable the implicit files domain" +#~ msgstr "Activer ou désactiver le domaine des fichiers implicites" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 -msgid "Debug level" -msgstr "Niveau de débogage" +#~ msgid "A specific order of the domains to be looked up" +#~ msgstr "Un ordre spécifique des domaines à rechercher" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 -msgid "Add debug timestamps" -msgstr "Ajouter l'horodatage au débogage" +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "Délai d'attente du cache d'énumération (en secondes)" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 -msgid "Show timestamps with microseconds" -msgstr "Afficher l'horodatage en microsecondes" +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "" +#~ "Délai d'attente de mise à jour en arrière-plan de l'entrée de cache (en " +#~ "secondes)" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 -msgid "An open file descriptor for the debug logs" -msgstr "Un descripteur de fichier ouvert pour les journaux de débogage" +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "Délai d'attente du cache négatif (en secondes)" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 -msgid "Send the debug output to stderr directly." -msgstr "Envoyer la sortie de débogage directement vers l'erreur standard." +#~ msgid "Files negative cache timeout length (seconds)" +#~ msgstr "Délai d'attente du cache négatif (en secondes)" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Utilisateurs que SSSD doit explicitement ignorer" + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Groupes que SSSD doit explicitement ignorer" + +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Les utilisateurs filtrés doivent-ils apparaître dans les groupes" + +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "" +#~ "Valeur du champ de mot de passe que le fournisseur NSS doit renvoyer" + +#~ msgid "Override homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Remplacer par cette valeur celle du répertoire personnel obtenu avec le " +#~ "fournisseur d'identité" + +#~ msgid "" +#~ "Substitute empty homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Substitution de la valeur homedir vide du fournisseur d'identité avec " +#~ "cette valeur" -#: src/providers/krb5/krb5_child.c:3245 -msgid "The user to create FAST ccache as" -msgstr "L'utilisateur à utiliser pour la création du ccache FAST" +#~ msgid "Override shell value from the identity provider with this value" +#~ msgstr "" +#~ "Écraser le shell donné par le fournisseur d'identité avec cette valeur" -#: src/providers/krb5/krb5_child.c:3247 -msgid "The group to create FAST ccache as" -msgstr "Le groupe à utiliser pour la création du ccache FAST" +#~ msgid "The list of shells users are allowed to log in with" +#~ msgstr "" +#~ "Liste des interpréteurs de commandes utilisateurs autorisés pour se " +#~ "connecter" + +#~ msgid "" +#~ "The list of shells that will be vetoed, and replaced with the fallback " +#~ "shell" +#~ msgstr "" +#~ "Liste des interpréteurs de commandes bannis et remplacés par celui par " +#~ "défaut" + +#~ msgid "" +#~ "If a shell stored in central directory is allowed but not available, use " +#~ "this fallback" +#~ msgstr "" +#~ "Si un interpréteur de commandes stocké dans l'annuaire central est " +#~ "autorisé mais indisponible, utiliser à défaut celui-ci" + +#~ msgid "Shell to use if the provider does not list one" +#~ msgstr "Shell à utiliser si le fournisseur n'en propose aucun" + +#~ msgid "How long will be in-memory cache records valid" +#~ msgstr "Durée de maintien en cache des enregistrements valides" + +#~ msgid "List of user attributes the NSS responder is allowed to publish" +#~ msgstr "" +#~ "Liste des attributs utilisateur que l'InfoPipe est autorisé à publier" + +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "Délai pendant lequel les connexions utilisant le cache sont autorisées " +#~ "entre deux connexions en ligne (en jours)" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "Nombre d'échecs de connexions hors-ligne autorisés" + +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Durée d'interdiction de connexion après que offline_failed_login_attempts " +#~ "est atteint (en minutes)" + +#~ msgid "" +#~ "What kind of messages are displayed to the user during authentication" +#~ msgstr "" +#~ "Quels types de messages sont affichés à l'utilisateur pendant " +#~ "l'authentification" + +#~ msgid "Filter PAM responses sent to the pam_sss" +#~ msgstr "Filtrez les réponses PAM envoyées à l'adresse pam_sss" + +#~ msgid "" +#~ "How many seconds to keep identity information cached for PAM requests" +#~ msgstr "" +#~ "Durée en secondes pendant laquelle les informations d'identité sont " +#~ "gardées en cache pour les requêtes PAM" + +#~ msgid "" +#~ "How many days before password expiration a warning should be displayed" +#~ msgstr "" +#~ "Nombre de jours précédent l'expiration du mot de passe avant lesquels un " +#~ "avertissement doit être affiché" + +#~ msgid "List of trusted uids or user's name" +#~ msgstr "Liste des uid ou noms d'utilisateurs dignes de confiance" + +#~ msgid "List of domains accessible even for untrusted users." +#~ msgstr "" +#~ "Liste des domaines accessibles y compris par les utilisateurs non dignes " +#~ "de confiance" + +#~ msgid "Message printed when user account is expired." +#~ msgstr "Message affiché lorsque le compte a expiré" + +#~ msgid "Message printed when user account is locked." +#~ msgstr "Message affiché lorsque le compte a expiré" + +#~ msgid "Allow certificate based/Smartcard authentication." +#~ msgstr "Autoriser l'authentification par certificat/carte à puce." + +#~ msgid "Path to certificate database with PKCS#11 modules." +#~ msgstr "" +#~ "Chemin d'accès à la base de données des certificats des modules PKCS#11." + +#~ msgid "How many seconds will pam_sss wait for p11_child to finish" +#~ msgstr "Combien de secondes pam_sss attendra-t-il la fin de p11_child" + +#~ msgid "Which PAM services are permitted to contact application domains" +#~ msgstr "" +#~ "Quels services PAM sont autorisés à contacter les domaines d'application" + +#~ msgid "Allowed services for using smartcards" +#~ msgstr "Services autorisés pour l'utilisation de cartes à puce" + +#~ msgid "Additional timeout to wait for a card if requested" +#~ msgstr "" +#~ "Délai d'attente supplémentaire pour l'obtention d'une carte si demandé" + +#~ msgid "" +#~ "PKCS#11 URI to restrict the selection of devices for Smartcard " +#~ "authentication" +#~ msgstr "" +#~ "URI PKCS#11 pour limiter la sélection des périphériques pour " +#~ "l'authentification par carte à puce" + +#~ msgid "Whether to evaluate the time-based attributes in sudo rules" +#~ msgstr "" +#~ "Faut-il évaluer les attributs dépendants du temps dans les règles sudo" + +#~ msgid "If true, SSSD will switch back to lower-wins ordering logic" +#~ msgstr "Si sur true, SSSD repasse en logique de commande à faible gain" + +#~ msgid "" +#~ "Maximum number of rules that can be refreshed at once. If this is " +#~ "exceeded, full refresh is performed." +#~ msgstr "" +#~ "Nombre maximum de règles pouvant être rafraîchies en même temps. En cas " +#~ "de dépassement, un rafraîchissement complet est effectué." + +#~ msgid "Whether to hash host names and addresses in the known_hosts file" +#~ msgstr "" +#~ "Condenser ou non les noms de systèmes et adresses du fichier known_hosts" + +#~ msgid "" +#~ "How many seconds to keep a host in the known_hosts file after its host " +#~ "keys were requested" +#~ msgstr "" +#~ "Le nombre de secondes pour garder un hôte dans le fichier known_hosts " +#~ "après que ses clés d'hôte ont été demandées" + +#~ msgid "Path to storage of trusted CA certificates" +#~ msgstr "Chemin d'accès au stockage des certificats d'AC de confiance" + +#~ msgid "Allow to generate ssh-keys from certificates" +#~ msgstr "Permet de générer des ssh-keys à partir de certificats" + +#~ msgid "" +#~ "Use the following matching rules to filter the certificates for ssh-key " +#~ "generation" +#~ msgstr "" +#~ "Utilisez les règles de correspondance suivantes pour filtrer les " +#~ "certificats pour la génération de clés ssh" + +#~ msgid "List of UIDs or user names allowed to access the PAC responder" +#~ msgstr "" +#~ "Listes des UID ou nom d'utilisateurs autorisés à accéder le répondeur PAC" + +#~ msgid "How long the PAC data is considered valid" +#~ msgstr "Durée de validité des données du PAC" + +#~ msgid "List of UIDs or user names allowed to access the InfoPipe responder" +#~ msgstr "" +#~ "Listes des UID ou nom d'utilisateurs autorisés à accéder le répondeur " +#~ "InfoPipe" + +#~ msgid "List of user attributes the InfoPipe is allowed to publish" +#~ msgstr "" +#~ "Liste des attributs utilisateur que l'InfoPipe est autorisé à publier" + +#~ msgid "The provider where the secrets will be stored in" +#~ msgstr "Le fournisseur où les secrets seront stockés" -#: src/providers/krb5/krb5_child.c:3249 -msgid "Kerberos realm to use" -msgstr "" +#~ msgid "The maximum allowed number of nested containers" +#~ msgstr "Le nombre maximal de conteneurs imbriqués autorisés" -#: src/providers/krb5/krb5_child.c:3251 -msgid "Requested lifetime of the ticket" -msgstr "" +#~ msgid "The maximum number of secrets that can be stored" +#~ msgstr "Le nombre maximum de secrets qui peuvent être stockés" -#: src/providers/krb5/krb5_child.c:3253 -msgid "Requested renewable lifetime of the ticket" -msgstr "" +#~ msgid "The maximum number of secrets that can be stored per UID" +#~ msgstr "Le nombre maximum de secrets qui peuvent être stockés par UID" -#: src/providers/krb5/krb5_child.c:3255 -msgid "FAST options ('never', 'try', 'demand')" -msgstr "" +#~ msgid "The maximum payload size of a secret in kilobytes" +#~ msgstr "La taille maximale de la charge utile d'un secret en kilo-octets" -#: src/providers/krb5/krb5_child.c:3258 -msgid "Specifies the server principal to use for FAST" -msgstr "" +#~ msgid "The URL Custodia server is listening on" +#~ msgstr "L'URL du serveur Custodia est en écoute sur" -#: src/providers/krb5/krb5_child.c:3260 -msgid "Requests canonicalization of the principal name" -msgstr "" +#~ msgid "The method to use when authenticating to a Custodia server" +#~ msgstr "" +#~ "La méthode à utiliser lors de l'authentification via un serveur Custodia" -#: src/providers/krb5/krb5_child.c:3262 -msgid "Use custom version of krb5_get_init_creds_password" -msgstr "" +#~ msgid "" +#~ "The name of the headers that will be added into a HTTP request with the " +#~ "value defined in auth_header_value" +#~ msgstr "" +#~ "Le nom des en-têtes qui seront ajoutés dans une requête HTTP avec la " +#~ "valeur définie dans auth_header_value" -#: src/providers/data_provider_be.c:711 -msgid "Domain of the information provider (mandatory)" -msgstr "Domaine du fournisseur d'informations (obligatoire)" +#~ msgid "The value sssd-secrets would use for auth_header_name" +#~ msgstr "La valeur que sssd-secrets utiliseraient pour auth_header_name" -#: src/sss_client/common.c:1079 -msgid "Privileged socket has wrong ownership or permissions." -msgstr "" -"Le socket privilégié a de mauvaises permissions ou un mauvais propriétaire." +#~ msgid "" +#~ "The list of the headers to forward to the Custodia server together with " +#~ "the request" +#~ msgstr "" +#~ "La liste des en-têtes à transmettre au serveur Custodia avec la requête" -#: src/sss_client/common.c:1082 -msgid "Public socket has wrong ownership or permissions." -msgstr "" -"Le socket public a de mauvaises permissions ou un mauvais propriétaire." +#~ msgid "" +#~ "The username to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "" +#~ "La méthode à utiliser lors de l'authentification via un serveur Custodia " +#~ "utilisant basic_auth" -#: src/sss_client/common.c:1085 -msgid "Unexpected format of the server credential message." -msgstr "Le message du serveur de crédits a un format inattendu." +#~ msgid "" +#~ "The password to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "" +#~ "La méthode à utiliser lors de l'authentification via un serveur Custodia " +#~ "utilisant basic_auth" + +#~ msgid "" +#~ "If true peer's certificate is verified if proxy_url uses https protocol" +#~ msgstr "" +#~ "Le certificat pair true est vérifié si proxy_url utilise le protocole " +#~ "https" + +#~ msgid "" +#~ "If false peer's certificate may contain different hostname than proxy_url " +#~ "when https protocol is used" +#~ msgstr "" +#~ "Le certificat pair false peut contenir un nom d'hôte différent de " +#~ "proxy_url lorsque le protocole https est utilisé" + +#~ msgid "" +#~ "Path to directory where certificate authority certificates are stored" +#~ msgstr "Chemin d'accès au répertoire où sont stockés les certificats CA" -#: src/sss_client/common.c:1088 -msgid "SSSD is not run by root." -msgstr "SSSD n'est pas démarré par root." +#~ msgid "Path to file containing server's CA certificate" +#~ msgstr "Chemin d'accès au fichier contenant le certificat CA du serveur" -#: src/sss_client/common.c:1091 -msgid "SSSD socket does not exist." -msgstr "" +#~ msgid "Path to file containing client's certificate" +#~ msgstr "Chemin d'accès au fichier contenant le certificat du client" -#: src/sss_client/common.c:1094 -msgid "Cannot get stat of SSSD socket." -msgstr "" +#~ msgid "Path to file containing client's private key" +#~ msgstr "Chemin d'accès au fichier contenant la clé privée du client" -#: src/sss_client/common.c:1099 -msgid "An error occurred, but no description can be found." -msgstr "Une erreur est survenue mais aucune description n'est trouvée." +#~ msgid "Identity provider" +#~ msgstr "Fournisseur d'identité" -#: src/sss_client/common.c:1105 -msgid "Unexpected error while looking for an error description" -msgstr "Erreur inattendue lors de la recherche de la description de l'erreur" +#~ msgid "Authentication provider" +#~ msgstr "Fournisseur d'authentification" -#: src/sss_client/pam_sss.c:68 -msgid "Permission denied. " -msgstr "Accès refusé." +#~ msgid "Access control provider" +#~ msgstr "Fournisseur de contrôle d'accès" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 -#: src/sss_client/pam_sss.c:790 -msgid "Server message: " -msgstr "Message du serveur : " +#~ msgid "Password change provider" +#~ msgstr "Fournisseur de changement de mot de passe" -#: src/sss_client/pam_sss.c:297 -msgid "Passwords do not match" -msgstr "Les mots de passe ne correspondent pas" +#~ msgid "SUDO provider" +#~ msgstr "Fournisseur SUDO" -#: src/sss_client/pam_sss.c:485 -msgid "Password reset by root is not supported." -msgstr "" -"La réinitialisation du mot de passe par root n'est pas prise en charge." +#~ msgid "Autofs provider" +#~ msgstr "Fournisseur autofs" -#: src/sss_client/pam_sss.c:526 -msgid "Authenticated with cached credentials" -msgstr "Authentifié avec les crédits mis en cache" +#~ msgid "Host identity provider" +#~ msgstr "Fournisseur d'identité de l'hôte" -#: src/sss_client/pam_sss.c:527 -msgid ", your cached password will expire at: " -msgstr ", votre mot de passe en cache expirera à :" +#~ msgid "SELinux provider" +#~ msgstr "Fournisseur SELinux" -#: src/sss_client/pam_sss.c:557 -#, c-format -msgid "Your password has expired. You have %1$d grace login(s) remaining." -msgstr "" -"Votre mot de passe a expiré. Il vous reste %1$d connexion(s) autorisée(s)." +#~ msgid "Session management provider" +#~ msgstr "Fournisseur de gestion de session" -#: src/sss_client/pam_sss.c:603 -#, c-format -msgid "Your password will expire in %1$d %2$s." -msgstr "Votre mot de passe expirera dans %1$d %2$s." +#~ msgid "Whether the domain is usable by the OS or by applications" +#~ msgstr "Si le domaine est utilisable par l'OS ou par des applications" -#: src/sss_client/pam_sss.c:652 -msgid "Authentication is denied until: " -msgstr "L'authentification est refusée jusque :" +#~ msgid "Minimum user ID" +#~ msgstr "Identifiant utilisateur minimum" -#: src/sss_client/pam_sss.c:673 -msgid "System is offline, password change not possible" -msgstr "" -"Le système est hors-ligne, les modifications du mot de passe sont impossibles" +#~ msgid "Maximum user ID" +#~ msgstr "Identifiant utilisateur maximum" -#: src/sss_client/pam_sss.c:688 -msgid "" -"After changing the OTP password, you need to log out and back in order to " -"acquire a ticket" -msgstr "" -"Après avoir modifié le mot de passe OTP, vous devez vous déconnecter et vous " -"reconnecter afin d'acquérir un ticket" +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Activer l'énumération de tous les utilisateurs/groupes" -#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 -msgid "Password change failed. " -msgstr "Échec du changement de mot de passe." +#~ msgid "Cache credentials for offline login" +#~ msgstr "Mettre en cache les crédits pour une connexion hors-ligne" -#: src/sss_client/pam_sss.c:2008 -msgid "New Password: " -msgstr "Nouveau mot de passe : " +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "" +#~ "Afficher les utilisateurs/groupes dans un format complétement qualifié" -#: src/sss_client/pam_sss.c:2009 -msgid "Reenter new Password: " -msgstr "Retaper le nouveau mot de passe : " +#~ msgid "Don't include group members in group lookups" +#~ msgstr "" +#~ "Ne pas inclure les membres des groupes dans les recherches de groupes." -#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 -msgid "First Factor: " -msgstr "Premier facteur :" +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Durée de validité des entrées en cache (en secondes)" -#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 -msgid "Second Factor (optional): " -msgstr "" +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Restreindre ou préférer une famille d'adresses lors des recherches DNS" -#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 -msgid "Second Factor: " -msgstr "Second facteur :" +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Durée de validité des entrées en cache après la dernière connexion " +#~ "réussie (en jours)" -#: src/sss_client/pam_sss.c:2190 -msgid "Password: " -msgstr "Mot de passe : " +#~ msgid "" +#~ "How long should SSSD talk to single DNS server before trying next server " +#~ "(miliseconds)" +#~ msgstr "" +#~ "Combien de temps le SSSD doit-il parler à un seul serveur DNS avant " +#~ "d'essayer le serveur suivant (en millisecondes)" -#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 -msgid "First Factor (Current Password): " -msgstr "" +#~ msgid "How long should keep trying to resolve single DNS query (seconds)" +#~ msgstr "" +#~ "Combien de temps faut-il continuer à essayer de résoudre une seule " +#~ "requête DNS (en secondes)" -#: src/sss_client/pam_sss.c:2349 -msgid "Current Password: " -msgstr "Mot de passe actuel : " +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "" +#~ "Délai d'attente des réponses du DNS lors de la résolution des serveurs " +#~ "(en secondes)" -#: src/sss_client/pam_sss.c:2704 -msgid "Password expired. Change your password now." -msgstr "Mot de passe expiré. Changez votre mot de passe maintenant." +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "La partie domaine de la requête de découverte de service DNS" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 -#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 -#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 -#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:719 -msgid "The debug level to run with" -msgstr "Le niveau de débogage utilisé avec" +#~ msgid "Override GID value from the identity provider with this value" +#~ msgstr "" +#~ "Écraser la valeur du GID du fournisseur d'identité avec cette valeur" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 -msgid "The SSSD domain to use" -msgstr "Le domaine SSSD à utiliser" +#~ msgid "Treat usernames as case sensitive" +#~ msgstr "Considère les noms d'utilisateur comme casse dépendant" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 -#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 -#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 -#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:765 -msgid "Error setting the locale\n" -msgstr "Erreur lors du paramétrage de la locale\n" +#~ msgid "How often should expired entries be refreshed in background" +#~ msgstr "Fréquence de rafraîchissement en arrière plan des entrées expirées" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 -msgid "Not enough memory\n" -msgstr "Mémoire insuffisante\n" +#~ msgid "Whether to automatically update the client's DNS entry" +#~ msgstr "Choisir de mettre à jour automatiquement l'entrée DNS du client" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 -msgid "User not specified\n" -msgstr "Utilisateur non spécifié\n" +#~ msgid "The TTL to apply to the client's DNS entry after updating it" +#~ msgstr "Le TTL à appliquer à l'entrée DNS du client après modification" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 -msgid "Error looking up public keys\n" -msgstr "Erreur lors de la recherche des clés publiques\n" +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "" +#~ "L'interface dont l'adresse IP doit être utilisée pour les mises à jour " +#~ "dynamiques du DNS" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 -msgid "The port to use to connect to the host" -msgstr "Le port à utiliser pour se connecter à l'hôte" +#~ msgid "How often to periodically update the client's DNS entry" +#~ msgstr "Fréquence de mise à jour automatique de l'entrée DNS du client" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 -msgid "Print the host ssh public keys" -msgstr "" +#~ msgid "Whether the provider should explicitly update the PTR record as well" +#~ msgstr "" +#~ "Selon que le fournisseur doit aussi ou non mettre à jour explicitement " +#~ "l'enregistrement PTR" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 -msgid "Invalid port\n" -msgstr "Port invalide\n" +#~ msgid "Whether the nsupdate utility should default to using TCP" +#~ msgstr "Selon que l'utilitaire nsupdate doit utiliser TCP par défaut" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 -msgid "Host not specified\n" -msgstr "Hôte non spécifié\n" +#~ msgid "What kind of authentication should be used to perform the DNS update" +#~ msgstr "" +#~ "Quel type d'authentification doit être utilisée pour effectuer la mise à " +#~ "jour DNS" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 -msgid "The path to the proxy command must be absolute\n" -msgstr "Le chemin vers la commande de proxy doit être absolue\n" +#~ msgid "Override the DNS server used to perform the DNS update" +#~ msgstr "" +#~ "Remplace le serveur DNS utilisé pour effectuer la mise à jour du DNS" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 -#, c-format -msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" -msgstr "" +#~ msgid "Control enumeration of trusted domains" +#~ msgstr "Contrôle l'énumération des domaines approuvés" -#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 -msgid "The UID of the user" -msgstr "L'UID de l'utilisateur" +#~ msgid "How often should subdomains list be refreshed" +#~ msgstr "Fréquence de rafraîchissement des sous-domaines" -#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 -msgid "The comment string" -msgstr "Phrase de commentaire" +#~ msgid "List of options that should be inherited into a subdomain" +#~ msgstr "Listes des options qui doivent être héritées dans le sous-domaine" -#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 -msgid "Home directory" -msgstr "Répertoire utilisateur" - -#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 -msgid "Login shell" -msgstr "Interpréteur de commandes de connexion" - -#: src/tools/sss_useradd.c:53 -msgid "Groups" -msgstr "Groupes" - -#: src/tools/sss_useradd.c:54 -msgid "Create user's directory if it does not exist" -msgstr "Créer le repertoire utilisateur s'il n'existe pas" - -#: src/tools/sss_useradd.c:55 -msgid "Never create user's directory, overrides config" -msgstr "Ne jamais créer de répertoire utilisateur, outrepasse la configuration" - -#: src/tools/sss_useradd.c:56 -msgid "Specify an alternative skeleton directory" -msgstr "Spécifie un répertoire squelette alternatif" - -#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 -msgid "The SELinux user for user's login" -msgstr "L'utilisateur SELinux pour l'identifiant de l'utilisateur" - -#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 -#: src/tools/sss_usermod.c:92 -msgid "Specify group to add to\n" -msgstr "Définir le groupe à ajouter à\n" - -#: src/tools/sss_useradd.c:111 -msgid "Specify user to add\n" -msgstr "Définir l'utilisateur à ajouter à\n" - -#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 -#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 -#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 -#: src/tools/sss_usermod.c:162 -msgid "Error initializing the tools - no local domain\n" -msgstr "Erreur à l'initialisation des outils - aucun domaine local\n" - -#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 -#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 -#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 -#: src/tools/sss_usermod.c:164 -msgid "Error initializing the tools\n" -msgstr "Erreur à l'initialisation des outils\n" - -#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 -#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 -#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 -#: src/tools/sss_usermod.c:173 -msgid "Invalid domain specified in FQDN\n" -msgstr "Domaine invalide définit dans le FQDN\n" - -#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 -#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 -#: src/tools/sss_usermod.c:226 -msgid "Internal error while parsing parameters\n" -msgstr "Erreur interne lors de l'analyse des paramètres\n" - -#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 -#: src/tools/sss_usermod.c:235 -msgid "Groups must be in the same domain as user\n" -msgstr "Les groupes doivent être dans le même domaine que l'utilisateur\n" - -#: src/tools/sss_useradd.c:159 -#, c-format -msgid "Cannot find group %1$s in local domain\n" -msgstr "Impossible de trouver le groupe %1$s dans le domaine local\n" - -#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 -msgid "Cannot set default values\n" -msgstr "Impossible de définir les valeurs par défaut\n" - -#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 -msgid "The selected UID is outside the allowed range\n" -msgstr "L'UID sélectionné est en dehors de la plage autorisée\n" - -#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 -msgid "Cannot set SELinux login context\n" -msgstr "Impossible de définir le contexte de connexion SELinux\n" - -#: src/tools/sss_useradd.c:224 -msgid "Cannot get info about the user\n" -msgstr "Impossible de trouver les informations sur l'utilisateur\n" - -#: src/tools/sss_useradd.c:236 -msgid "User's home directory already exists, not copying data from skeldir\n" -msgstr "" -"Le répertoire de l'utilisateur existe déjà, les données du répertoire " -"squelette ne sont pas copiées\n" +#~ msgid "Default subdomain homedir value" +#~ msgstr "Valeur par défaut du sous-domaine homedir" -#: src/tools/sss_useradd.c:239 -#, c-format -msgid "Cannot create user's home directory: %1$s\n" -msgstr "Impossible de créer le répertoire de l'utilisateur : %1$s\n" +#~ msgid "How long can cached credentials be used for cached authentication" +#~ msgstr "" +#~ "Combien de temps les informations d'identification en cache peuvent-elles " +#~ "être utilisées pour l'authentification en cache" -#: src/tools/sss_useradd.c:250 -#, c-format -msgid "Cannot create user's mail spool: %1$s\n" -msgstr "" -"Impossible de créer le répertoire de réception des messages électroniques " -"pour l'utilisateur : %1$s\n" +#~ msgid "Whether to automatically create private groups for users" +#~ msgstr "" +#~ "S'il faut créer automatiquement des groupes privés pour les utilisateurs" -#: src/tools/sss_useradd.c:270 -msgid "Could not allocate ID for the user - domain full?\n" -msgstr "" -"L'identifiant de l'utilisateur ne peut pas être alloué - domaine plein ?\n" +#~ msgid "IPA domain" +#~ msgstr "Domaine IPA" -#: src/tools/sss_useradd.c:274 -msgid "A user or group with the same name or ID already exists\n" -msgstr "Un utilisateur ou groupe avec le même nom ou identifiant existe déjà\n" +#~ msgid "IPA server address" +#~ msgstr "Adresse du serveur IPA" -#: src/tools/sss_useradd.c:280 -msgid "Transaction error. Could not add user.\n" -msgstr "Erreur de transaction. Impossible d'ajouter l'utilisateur.\n" +#~ msgid "Address of backup IPA server" +#~ msgstr "Adresse du serveur IPA de secours" -#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 -msgid "The GID of the group" -msgstr "Le GID du groupe" +#~ msgid "IPA client hostname" +#~ msgstr "Nom de système du client IPA" -#: src/tools/sss_groupadd.c:76 -msgid "Specify group to add\n" -msgstr "Définir le groupe à ajouter\n" +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "" +#~ "Choisir de mettre à jour automatiquement l'entrée DNS du client dans " +#~ "FreeIPA" -#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 -msgid "The selected GID is outside the allowed range\n" -msgstr "Le GID choisit est en dehors de la plage autorisée\n" +#~ msgid "Search base for HBAC related objects" +#~ msgstr "Base de recherche pour les objets HBAC" -#: src/tools/sss_groupadd.c:143 -msgid "Could not allocate ID for the group - domain full?\n" -msgstr "Impossible d'allouer l'identifiant du groupe - domaine plein ?\n" +#~ msgid "" +#~ "The amount of time between lookups of the HBAC rules against the IPA " +#~ "server" +#~ msgstr "Délai entre les recherches de règles HBAC sur le serveur IPA" -#: src/tools/sss_groupadd.c:147 -msgid "A group with the same name or GID already exists\n" -msgstr "Un groupe avec le même nom ou GID existe déjà\n" +#~ msgid "" +#~ "The amount of time in seconds between lookups of the SELinux maps against " +#~ "the IPA server" +#~ msgstr "Délai entre les recherches de cartes SELinux sur le serveur IPA" -#: src/tools/sss_groupadd.c:153 -msgid "Transaction error. Could not add group.\n" -msgstr "Erreur de transaction. Impossible d'ajouter le groupe.\n" +#~ msgid "If set to false, host argument given by PAM will be ignored" +#~ msgstr "Si mit à false, l’argument de l'hôte donné par PAM est ignoré" -#: src/tools/sss_groupdel.c:70 -msgid "Specify group to delete\n" -msgstr "Spécifier le groupe à supprimer\n" +#~ msgid "The automounter location this IPA client is using" +#~ msgstr "" +#~ "L'emplacement de la carte de montage automatique utilisée par le client " +#~ "IPA" -#: src/tools/sss_groupdel.c:104 -#, c-format -msgid "Group %1$s is outside the defined ID range for domain\n" -msgstr "" -"Le groupe %1$s est en dehors de la plage d'identifiants définie pour le " -"domaine\n" - -#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 -#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 -#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 -#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 -#, c-format -msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" -msgstr "" -"Échec de requête NSS (%1$d). L'entrée peut persister dans le cache en " -"mémoire.\n" - -#: src/tools/sss_groupdel.c:132 -msgid "" -"No such group in local domain. Removing groups only allowed in local " -"domain.\n" -msgstr "" -"Aucun groupe dans le domaine local. La suppression de groupes n'est " -"autorisée que dans le domaine local.\n" - -#: src/tools/sss_groupdel.c:137 -msgid "Internal error. Could not remove group.\n" -msgstr "Erreur interne. Impossible de supprimer le groupe.\n" - -#: src/tools/sss_groupmod.c:44 -msgid "Groups to add this group to" -msgstr "Groupes auxquels ce groupe sera ajouté" - -#: src/tools/sss_groupmod.c:46 -msgid "Groups to remove this group from" -msgstr "Groupes desquels ce groupe sera retiré" - -#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 -msgid "Specify group to remove from\n" -msgstr "Définir le groupe duquel supprimer\n" - -#: src/tools/sss_groupmod.c:101 -msgid "Specify group to modify\n" -msgstr "Définir le groupe à modifier\n" - -#: src/tools/sss_groupmod.c:130 -msgid "" -"Cannot find group in local domain, modifying groups is allowed only in local " -"domain\n" -msgstr "" -"Impossible de trouver le groupe dans le domaine local, la modification des " -"groupes n'est autorisée que dans le domaine local\n" +#~ msgid "Search base for object containing info about IPA domain" +#~ msgstr "" +#~ "Base de recherche pour l'objet contenant les informations de base à " +#~ "propos du domaine IPA" -#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 -msgid "Member groups must be in the same domain as parent group\n" -msgstr "" -"Les membres du groupe doivent être dans le même domaine que le groupe " -"parent\n" +#~ msgid "Search base for objects containing info about ID ranges" +#~ msgstr "" +#~ "Base de recherche pour les objets contenant les informations à propos des " +#~ "plages d'ID" -#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 -#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 -#, c-format -msgid "" -"Cannot find group %1$s in local domain, only groups in local domain are " -"allowed\n" -msgstr "" -"Impossible de trouver le groupe %1$s dans le domaine local, seuls les " -"groupes du domaine local sont autorisés\n" +#~ msgid "Enable DNS sites - location based service discovery" +#~ msgstr "" +#~ "Activer les sites DNS - découverte de service basée sur l'emplacement" + +#~ msgid "Search base for view containers" +#~ msgstr "Base de recherche des conteneurs de vues" + +#~ msgid "Objectclass for view containers" +#~ msgstr "Classe d'objet pour les conteneurs de vues" + +#~ msgid "Attribute with the name of the view" +#~ msgstr "Attribut avec le nom de la vue" + +#~ msgid "Objectclass for override objects" +#~ msgstr "Classe d'objet surchargeant les objets" + +#~ msgid "Attribute with the reference to the original object" +#~ msgstr "Attribut faisant référence à l'objet originel " + +#~ msgid "Objectclass for user override objects" +#~ msgstr "Classe d'objet surchargeant les utilisateurs" + +#~ msgid "Objectclass for group override objects" +#~ msgstr "Classe d'objet surchargeant les groupes" + +#~ msgid "Search base for Desktop Profile related objects" +#~ msgstr "Base de recherche pour les objets liés au Profil du Bureau" + +#~ msgid "" +#~ "The amount of time in seconds between lookups of the Desktop Profile " +#~ "rules against the IPA server" +#~ msgstr "" +#~ "Le temps, en secondes, entre les consultations des règles du profil du " +#~ "bureau sur le serveur IPA" + +#~ msgid "" +#~ "The amount of time in minutes between lookups of Desktop Profiles rules " +#~ "against the IPA server when the last request did not find any rule" +#~ msgstr "" +#~ "Le temps en minutes entre les consultations des règles de profile de " +#~ "bureau sur le serveur IPA lorsque la dernière requête n'a trouvé aucune " +#~ "règle" + +#~ msgid "Active Directory domain" +#~ msgstr "Domaine Active Directory" + +#~ msgid "Enabled Active Directory domains" +#~ msgstr "Domaine d’Active Directory activés" + +#~ msgid "Active Directory server address" +#~ msgstr "Adresse du serveur Active Directory" + +#~ msgid "Active Directory backup server address" +#~ msgstr "Adresse du serveur Active Directory de secours" + +#~ msgid "Active Directory client hostname" +#~ msgstr "Nom de système du client Active Directory" + +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "Filtre LDAP pour déterminer les autorisations d'accès" + +#~ msgid "Whether to use the Global Catalog for lookups" +#~ msgstr "Choisir d'utiliser ou non le catalogue global pour les recherches" + +#~ msgid "Operation mode for GPO-based access control" +#~ msgstr "Mode opératoire pour les contrôles d'accès basé sur les GPO" + +#~ msgid "" +#~ "The amount of time between lookups of the GPO policy files against the AD " +#~ "server" +#~ msgstr "" +#~ "Durée entre les recherches de fichiers de politiques de GPO dans le " +#~ "serveur AD" + +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Noms de services PAM correspondant à la configuration de la politique " +#~ "(Deny)InteractiveLogonRight de la GPO" -#: src/tools/sss_groupmod.c:257 -msgid "Could not modify group - check if member group names are correct\n" -msgstr "" -"Impossible de modifier le groupe - vérifier que les noms des groupes membres " -"sont corrects\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " +#~ "policy settings" +#~ msgstr "" +#~ "Noms de services PAM correspondant à la configuration de la politique " +#~ "(Deny)RemoteInteractiveLogonRight de la GPO" -#: src/tools/sss_groupmod.c:261 -msgid "Could not modify group - check if groupname is correct\n" -msgstr "" -"Impossible de modifier le groupe - vérifier que le nom du groupe est " -"correct\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)NetworkLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Noms de services PAM correspondant à la configuration de la politique " +#~ "(Deny)NetworkLogonRight de la GPO" -#: src/tools/sss_groupmod.c:265 -msgid "Transaction error. Could not modify group.\n" -msgstr "Erreur de transaction. Impossible de modifier le groupe.\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)BatchLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Noms de services PAM correspondant à la configuration de la politique " +#~ "(Deny)BatchLogonRight de la GPO" -#: src/tools/sss_groupshow.c:616 -msgid "Magic Private " -msgstr "Magie privée" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)ServiceLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Noms de services PAM correspondant à la configuration de la politique " +#~ "(Deny)ServiceLogonRight de la GPO" -#: src/tools/sss_groupshow.c:615 -#, c-format -msgid "%1$s%2$sGroup: %3$s\n" -msgstr "%1$s%2$sGroup: %3$s\n" +#~ msgid "PAM service names for which GPO-based access is always granted" +#~ msgstr "" +#~ "Noms de services PAM pour lesquels les accès s'appuyant sur la GPO sont " +#~ "toujours autorisés" -#: src/tools/sss_groupshow.c:618 -#, c-format -msgid "%1$sGID number: %2$d\n" -msgstr "%1$s GID numéro : %2$d\n" +#~ msgid "PAM service names for which GPO-based access is always denied" +#~ msgstr "" +#~ "Noms de services PAM pour lesquels les accès s'appuyant sur la GPO sont " +#~ "toujours interdits" -#: src/tools/sss_groupshow.c:620 -#, c-format -msgid "%1$sMember users: " -msgstr "Utilisateurs membres de %1$s :" +#~ msgid "" +#~ "Default logon right (or permit/deny) to use for unmapped PAM service names" +#~ msgstr "" +#~ "Droit de connexion par défaut (ou permission/interdiction) à utiliser " +#~ "pour les noms de services sans correspondance" -#: src/tools/sss_groupshow.c:627 -#, c-format -msgid "" -"\n" -"%1$sIs a member of: " -msgstr "" -"\n" -"%1$s est membre de : " +#~ msgid "a particular site to be used by the client" +#~ msgstr "un site particulier utilisé par le client" -#: src/tools/sss_groupshow.c:634 -#, c-format -msgid "" -"\n" -"%1$sMember groups: " -msgstr "" -"\n" -"Groupes membres de %1$s : " +#~ msgid "" +#~ "Maximum age in days before the machine account password should be renewed" +#~ msgstr "" +#~ "Âge maximum en jours avant que le mot de passe du compte de la machine ne " +#~ "soit renouvelé" -#: src/tools/sss_groupshow.c:670 -msgid "Print indirect group members recursively" -msgstr "Afficher les membres du groupe indirects récursivement" +#~ msgid "Option for tuning the machine account renewal task" +#~ msgstr "Option de réglage de la tâche de renouvellement du compte machine" -#: src/tools/sss_groupshow.c:704 -msgid "Specify group to show\n" -msgstr "Définir le groupe à afficher\n" +#~ msgid "Kerberos server address" +#~ msgstr "Adresse du serveur Kerberos" -#: src/tools/sss_groupshow.c:744 -msgid "" -"No such group in local domain. Printing groups only allowed in local " -"domain.\n" -msgstr "" -"Aucun groupe dans le domaine local. L'affichage des groupes n'est autorisé " -"que dans le domaine local.\n" +#~ msgid "Kerberos backup server address" +#~ msgstr "Adresse du serveur Kerberos de secours" -#: src/tools/sss_groupshow.c:749 -msgid "Internal error. Could not print group.\n" -msgstr "Erreur interne. Impossible d'afficher le groupe.\n" +#~ msgid "Kerberos realm" +#~ msgstr "Domaine Kerberos" -#: src/tools/sss_userdel.c:138 -msgid "Remove home directory and mail spool" -msgstr "Suppression du répertoire personnel et de gestion des mails" +#~ msgid "Authentication timeout" +#~ msgstr "Délai avant expiration de l'authentification" -#: src/tools/sss_userdel.c:140 -msgid "Do not remove home directory and mail spool" -msgstr "Ne pas supprimer le répertoire personnel et de gestion des mails" +#~ msgid "Whether to create kdcinfo files" +#~ msgstr "Choisir de créer ou non les fichiers kdcinfo" -#: src/tools/sss_userdel.c:142 -msgid "Force removal of files not owned by the user" -msgstr "Forcer la suppression des fichiers n'appartenant pas à l'utilisateur" +#~ msgid "Where to drop krb5 config snippets" +#~ msgstr "Où déposer les extraits de configuration krb5" -#: src/tools/sss_userdel.c:144 -msgid "Kill users' processes before removing him" -msgstr "Tuer les processus de l'utilisateur avant de le supprimer" +#~ msgid "Directory to store credential caches" +#~ msgstr "Répertoire pour stocker les caches de crédits" -#: src/tools/sss_userdel.c:190 -msgid "Specify user to delete\n" -msgstr "Définir l'utilisateur à supprimer\n" +#~ msgid "Location of the user's credential cache" +#~ msgstr "Emplacement du cache de crédits de l'utilisateur" -#: src/tools/sss_userdel.c:236 -#, c-format -msgid "User %1$s is outside the defined ID range for domain\n" -msgstr "" -"L'utilisateur %1$s est en dehors de la plage d'identifiants définie pour le " -"domaine\n" +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Emplacement du fichier keytab de validation des crédits" -#: src/tools/sss_userdel.c:261 -msgid "Cannot reset SELinux login context\n" -msgstr "Impossible de réinitialiser le contexte de connexion SELinux\n" +#~ msgid "Enable credential validation" +#~ msgstr "Activer la validation des crédits" -#: src/tools/sss_userdel.c:273 -#, c-format -msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" -msgstr "" -"ATTENTION : l'utilisateur (uid %1$lu) était encore connecté lors de sa " -"suppression.\n" +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "" +#~ "Stocker le mot de passe, si hors-ligne, pour une authentification " +#~ "ultérieure en ligne" -#: src/tools/sss_userdel.c:278 -msgid "Cannot determine if the user was logged in on this platform" -msgstr "" -"Impossible de savoir si l'utilisateur était connecté sur cette plateforme" +#~ msgid "Renewable lifetime of the TGT" +#~ msgstr "Durée de vie renouvelable du TGT" -#: src/tools/sss_userdel.c:283 -msgid "Error while checking if the user was logged in\n" -msgstr "Erreur en vérifiant si l'utilisateur était connecté\n" +#~ msgid "Lifetime of the TGT" +#~ msgstr "Durée de vie du TGT" -#: src/tools/sss_userdel.c:290 -#, c-format -msgid "The post-delete command failed: %1$s\n" -msgstr "La commande post-suppression a échoué : %1$s\n" +#~ msgid "Time between two checks for renewal" +#~ msgstr "Durée entre deux vérifications pour le renouvellement" -#: src/tools/sss_userdel.c:310 -msgid "Not removing home dir - not owned by user\n" -msgstr "" -"Le répertoire personnel n'est pas supprimé - l'utilisateur n'en est pas le " -"propriétaire\n" +#~ msgid "Enables FAST" +#~ msgstr "Active FAST" -#: src/tools/sss_userdel.c:312 -#, c-format -msgid "Cannot remove homedir: %1$s\n" -msgstr "Impossible de supprimer le répertoire utilisateur : %1$s\n" +#~ msgid "Selects the principal to use for FAST" +#~ msgstr "Sélectionne le principal à utiliser avec FAST" -#: src/tools/sss_userdel.c:326 -msgid "" -"No such user in local domain. Removing users only allowed in local domain.\n" -msgstr "" -"Aucun utilisateur dans le domaine local. La suppression des utilisateurs " -"n'est autorisée que dans le domaine local.\n" +#~ msgid "Enables principal canonicalization" +#~ msgstr "Active la canonisation du principal" -#: src/tools/sss_userdel.c:331 -msgid "Internal error. Could not remove user.\n" -msgstr "Erreur interne. Impossible de supprimer l'utilisateur.\n" +#~ msgid "Enables enterprise principals" +#~ msgstr "Active les principals d'entreprise" -#: src/tools/sss_usermod.c:49 -msgid "The GID of the user" -msgstr "Le GID de l'utilisateur" +#~ msgid "A mapping from user names to Kerberos principal names" +#~ msgstr "" +#~ "Un mappage des noms d'utilisateurs vers les noms de principaux Kerberos" -#: src/tools/sss_usermod.c:53 -msgid "Groups to add this user to" -msgstr "Groupes auxquels ajouter cet utilisateur" +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "" +#~ "Serveur où tourne le service de changement de mot de passe s'il n'est pas " +#~ "sur le KDC" -#: src/tools/sss_usermod.c:54 -msgid "Groups to remove this user from" -msgstr "Groupes auxquels enlever cet utilisateur" +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, l'adresse du serveur LDAP" -#: src/tools/sss_usermod.c:55 -msgid "Lock the account" -msgstr "Verrouiller le compte" +#~ msgid "ldap_backup_uri, The URI of the LDAP server" +#~ msgstr "ldap_backup_uri, l'URI du serveur LDAP" -#: src/tools/sss_usermod.c:56 -msgid "Unlock the account" -msgstr "Déverrouiller le compte" +#~ msgid "The default base DN" +#~ msgstr "La base DN par défaut" -#: src/tools/sss_usermod.c:57 -msgid "Add an attribute/value pair. The format is attrname=value." -msgstr "Ajouter une paire attribut/valeur. Le format est nom_attribut=valeur." +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Le type de schéma utilisé sur le serveur LDAP, rfc2307" -#: src/tools/sss_usermod.c:58 -msgid "Delete an attribute/value pair. The format is attrname=value." -msgstr "" -"Supprimer une paire attribut/valeur. Le format est nom_attribut=valeur." +#~ msgid "Mode used to change user password" +#~ msgstr "Mode utilisé pour modifier le mot de passe utilisateur" -#: src/tools/sss_usermod.c:59 -msgid "" -"Set an attribute to a name/value pair. The format is attrname=value. For " -"multi-valued attributes, the command replaces the values already present" -msgstr "" -"Définir une paire attribut/valeur. Le format est nom_attribut=valeur. Pour " -"les attributs multi-valués, la commande remplace les valeurs déjà présentes." +#~ msgid "The default bind DN" +#~ msgstr "Le DN de connexion par défaut" -#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 -#: src/tools/sss_usermod.c:135 -msgid "Specify the attribute name/value pair(s)\n" -msgstr "Indiquer les paires nom d'attributs et valeurs.\n" +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "Le type de jeton d'authentification du DN de connexion par défaut" -#: src/tools/sss_usermod.c:152 -msgid "Specify user to modify\n" -msgstr "Spécifier l'utilisateur à modifier\n" +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "Le jeton d'authentification du DN de connexion par défaut" -#: src/tools/sss_usermod.c:180 -msgid "" -"Cannot find user in local domain, modifying users is allowed only in local " -"domain\n" -msgstr "" -"Impossible de trouver l'utilisateur dans le domaine local, la modification " -"des utilisateurs n'est autorisée que dans le domaine local\n" +#~ msgid "Length of time to attempt connection" +#~ msgstr "Durée pendant laquelle il sera tenté d'établir la connexion" -#: src/tools/sss_usermod.c:322 -msgid "Could not modify user - check if group names are correct\n" -msgstr "" -"Impossible de modifier l'utilisateur - vérifiez que les noms de groupe sont " -"corrects\n" +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Durée pendant laquelle il sera tenté des opérations LDAP synchrones" -#: src/tools/sss_usermod.c:326 -msgid "Could not modify user - user already member of groups?\n" -msgstr "" -"Impossible de modifier l'utilisateur - l'utilisateur est déjà membre du " -"groupe ?\n" +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "Durée d'attente entre deux essais de reconnexion en mode hors-ligne" -#: src/tools/sss_usermod.c:330 -msgid "Transaction error. Could not modify user.\n" -msgstr "Erreur de transaction. Impossible de modifier l'utlisateur.\n" +#~ msgid "Use only the upper case for realm names" +#~ msgstr "N'utiliser que des majuscules pour les noms de domaine" -#: src/tools/sss_cache.c:245 -msgid "No cache object matched the specified search\n" -msgstr "Aucun object trouvé dans le cache pour la recherche spécifiée\n" +#~ msgid "File that contains CA certificates" +#~ msgstr "Fichier contenant les certificats des CA" -#: src/tools/sss_cache.c:536 -#, c-format -msgid "Couldn't invalidate %1$s\n" -msgstr "Impossible d'invalider %1$s\n" +#~ msgid "Path to CA certificate directory" +#~ msgstr "Chemin vers le répertoire de certificats des CA" -#: src/tools/sss_cache.c:543 -#, c-format -msgid "Couldn't invalidate %1$s %2$s\n" -msgstr "Impossible d'invalider %1$s %2$s\n" +#~ msgid "File that contains the client certificate" +#~ msgstr "Fichier contenant le certificat client" -#: src/tools/sss_cache.c:721 -msgid "Invalidate all cached entries" -msgstr "" +#~ msgid "File that contains the client key" +#~ msgstr "Fichier contenant la clé du client" -#: src/tools/sss_cache.c:723 -msgid "Invalidate particular user" -msgstr "Invalider un utilisateur spécifique" +#~ msgid "List of possible ciphers suites" +#~ msgstr "Liste des suites de chiffrement possibles" -#: src/tools/sss_cache.c:725 -msgid "Invalidate all users" -msgstr "Invalider tous les utilisateurs" +#~ msgid "Require TLS certificate verification" +#~ msgstr "Requiert une vérification de certificat TLS" -#: src/tools/sss_cache.c:727 -msgid "Invalidate particular group" -msgstr "Invalider un groupe particulier" +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Spécifier le mécanisme SASL à utiliser" -#: src/tools/sss_cache.c:729 -msgid "Invalidate all groups" -msgstr "Invalider tous les groupes" +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Spécifier l'identité d'authorisation SASL à utiliser" -#: src/tools/sss_cache.c:731 -msgid "Invalidate particular netgroup" -msgstr "Invalider un groupe réseau particulier" +#~ msgid "Specify the sasl authorization realm to use" +#~ msgstr "Spécifier le domaine d'authorisation SASL à utiliser" -#: src/tools/sss_cache.c:733 -msgid "Invalidate all netgroups" -msgstr "Invalider tous les groupes réseau" +#~ msgid "Specify the minimal SSF for LDAP sasl authorization" +#~ msgstr "Spécifie le minimum SSF pour l'autorisation sasl LDAP" -#: src/tools/sss_cache.c:735 -msgid "Invalidate particular service" -msgstr "Invalidation d'un service particulier" +#~ msgid "Kerberos service keytab" +#~ msgstr "Service du fichier keytab de Kerberos" -#: src/tools/sss_cache.c:737 -msgid "Invalidate all services" -msgstr "Invalidation de tous les services" +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Utiliser l'authentification Kerberos pour la connexion LDAP" -#: src/tools/sss_cache.c:740 -msgid "Invalidate particular autofs map" -msgstr "Invalidation d'une carte autofs particulière" +#~ msgid "Follow LDAP referrals" +#~ msgstr "Suivre les référents LDAP" -#: src/tools/sss_cache.c:742 -msgid "Invalidate all autofs maps" -msgstr "Invalidation de toutes les cartes autofs" +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "Durée de vie du TGT pour la connexion LDAP" -#: src/tools/sss_cache.c:746 -msgid "Invalidate particular SSH host" -msgstr "Invalider un hôte SSH particulier" +#~ msgid "How to dereference aliases" +#~ msgstr "Comment déréférencer les alias" -#: src/tools/sss_cache.c:748 -msgid "Invalidate all SSH hosts" -msgstr "Invalider tous les hôtes SSH" +#~ msgid "Service name for DNS service lookups" +#~ msgstr "Nom du service pour les recherches DNS" -#: src/tools/sss_cache.c:752 -msgid "Invalidate particular sudo rule" -msgstr "" +#~ msgid "The number of records to retrieve in a single LDAP query" +#~ msgstr "" +#~ "Le nombre d'enregistrements à récupérer dans une requête LDAP unique" -#: src/tools/sss_cache.c:754 -msgid "Invalidate all cached sudo rules" -msgstr "" +#~ msgid "The number of members that must be missing to trigger a full deref" +#~ msgstr "" +#~ "Nombre de membres qui doivent être manquants pour activer un " +#~ "déréférencement complet" -#: src/tools/sss_cache.c:757 -msgid "Only invalidate entries from a particular domain" -msgstr "N'invalider des entrées que d'un domaine spécifique" +#~ msgid "" +#~ "Whether the LDAP library should perform a reverse lookup to canonicalize " +#~ "the host name during a SASL bind" +#~ msgstr "" +#~ "Est-ce que la bibliothèque LDAP doit effectuer une requête pour canoniser " +#~ "le nom d'hôte pendant une connexion SASL ?" -#: src/tools/sss_cache.c:811 -msgid "" -"Unexpected argument(s) provided, options that invalidate a single object " -"only accept a single provided argument.\n" -msgstr "" +#~ msgid "entryUSN attribute" +#~ msgstr "attribut entryUSN" -#: src/tools/sss_cache.c:821 -msgid "Please select at least one object to invalidate\n" -msgstr "Merci de sélectionner au moins un objet à invalider\n" +#~ msgid "lastUSN attribute" +#~ msgstr "attribut lastUSN" -#: src/tools/sss_cache.c:904 -#, c-format -msgid "" -"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " -"use fully qualified name instead of --domain/-d parameter.\n" -msgstr "" -"Impossible d'ouvrir le domaine %1$s. Si le domaine est un sous-domaine " -"(domaine approuvé), utiliser le nom pleinement qualifié au lieu du paramètre " -"--domain/-d.\n" +#~ msgid "" +#~ "How long to retain a connection to the LDAP server before disconnecting" +#~ msgstr "" +#~ "Combien de temps conserver la connexion au serveur LDAP avant de se " +#~ "déconnecter" -#: src/tools/sss_cache.c:909 -msgid "Could not open available domains\n" -msgstr "Impossible d'ouvrir aucun des domaines disponibles\n" +#~ msgid "Disable the LDAP paging control" +#~ msgstr "Désactiver le contrôle des pages LDAP" -#: src/tools/tools_util.c:202 -#, c-format -msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" -msgstr "" -"Le nom « %1$s » ne semble pas être un FQDN (« %2$s = TRUE » est configuré)\n" +#~ msgid "Disable Active Directory range retrieval" +#~ msgstr "Désactiver la récupération de plage Active Directory." -#: src/tools/tools_util.c:309 -msgid "Out of memory\n" -msgstr "Mémoire saturée\n" +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Durée d'attente pour une requête de recherche" -#: src/tools/tools_util.h:40 -#, c-format -msgid "%1$s must be run as root\n" -msgstr "%1$s doit être lancé en tant que root\n" +#~ msgid "Length of time to wait for a enumeration request" +#~ msgstr "Durée d'attente pour une requête d'énumération" -#: src/tools/sssctl/sssctl.c:35 -msgid "yes" -msgstr "" +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Durée entre deux mises à jour d'énumération" -#: src/tools/sssctl/sssctl.c:37 -msgid "no" -msgstr "" +#~ msgid "Length of time between cache cleanups" +#~ msgstr "Durée entre les nettoyages de cache" -#: src/tools/sssctl/sssctl.c:39 -msgid "error" -msgstr "" +#~ msgid "Require TLS for ID lookups" +#~ msgstr "TLS est requis pour les recherches d'identifiants" -#: src/tools/sssctl/sssctl.c:42 -msgid "Invalid result." -msgstr "" +#~ msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#~ msgstr "" +#~ "Utilisation de la correspondance d'ID pour les objectSID au lieu d'ID pré-" +#~ "établis" -#: src/tools/sssctl/sssctl.c:78 -msgid "Unable to read user input\n" -msgstr "" +#~ msgid "Base DN for user lookups" +#~ msgstr "Base DN pour les recherches d'utilisateurs" -#: src/tools/sssctl/sssctl.c:91 -#, c-format -msgid "Invalid input, please provide either '%s' or '%s'.\n" -msgstr "" +#~ msgid "Scope of user lookups" +#~ msgstr "Scope des recherches d'utilisateurs" -#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 -msgid "Error while executing external command\n" -msgstr "" +#~ msgid "Filter for user lookups" +#~ msgstr "Filtre pour les recherches d'utilisateurs" -#: src/tools/sssctl/sssctl.c:156 -msgid "SSSD needs to be running. Start SSSD now?" -msgstr "" +#~ msgid "Objectclass for users" +#~ msgstr "Classe d'objet pour les utilisateurs" -#: src/tools/sssctl/sssctl.c:195 -msgid "SSSD must not be running. Stop SSSD now?" -msgstr "" +#~ msgid "Username attribute" +#~ msgstr "Attribut de nom d'utilisateur" -#: src/tools/sssctl/sssctl.c:231 -msgid "SSSD needs to be restarted. Restart SSSD now?" -msgstr "" +#~ msgid "UID attribute" +#~ msgstr "Attribut UID" -#: src/tools/sssctl/sssctl_cache.c:31 -#, c-format -msgid " %s is not present in cache.\n" -msgstr "" +#~ msgid "Primary GID attribute" +#~ msgstr "Attribut de GID primaire" -#: src/tools/sssctl/sssctl_cache.c:33 -msgid "Name" -msgstr "" +#~ msgid "GECOS attribute" +#~ msgstr "Attribut GECOS" -#: src/tools/sssctl/sssctl_cache.c:34 -msgid "Cache entry creation date" -msgstr "" +#~ msgid "Home directory attribute" +#~ msgstr "Attribut de répertoire utilisateur" -#: src/tools/sssctl/sssctl_cache.c:35 -msgid "Cache entry last update time" -msgstr "" +#~ msgid "Shell attribute" +#~ msgstr "Attribut d'interpréteur de commandes" -#: src/tools/sssctl/sssctl_cache.c:36 -msgid "Cache entry expiration time" -msgstr "" +#~ msgid "UUID attribute" +#~ msgstr "attribut UUID" -#: src/tools/sssctl/sssctl_cache.c:37 -msgid "Cached in InfoPipe" -msgstr "" +#~ msgid "objectSID attribute" +#~ msgstr "attribut objectSID" -#: src/tools/sssctl/sssctl_cache.c:522 -#, c-format -msgid "Error: Unable to get object [%d]: %s\n" -msgstr "" +#~ msgid "Active Directory primary group attribute for ID-mapping" +#~ msgstr "Groupe primaire Active Directory pour la correspondance d'ID" -#: src/tools/sssctl/sssctl_cache.c:538 -#, c-format -msgid "%s: Unable to read value [%d]: %s\n" -msgstr "" +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Attribut d'utilisateur principal (pour Kerberos)" -#: src/tools/sssctl/sssctl_cache.c:566 -msgid "Specify name." -msgstr "" +#~ msgid "Full Name" +#~ msgstr "Nom complet" -#: src/tools/sssctl/sssctl_cache.c:576 -#, c-format -msgid "Unable to parse name %s.\n" -msgstr "" +#~ msgid "memberOf attribute" +#~ msgstr "Attribut memberOf" -#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 -msgid "Search by SID" -msgstr "" +#~ msgid "Modification time attribute" +#~ msgstr "Attribut de date de modification" -#: src/tools/sssctl/sssctl_cache.c:603 -msgid "Search by user ID" -msgstr "" +#~ msgid "shadowLastChange attribute" +#~ msgstr "Attribut shadowLastChange" -#: src/tools/sssctl/sssctl_cache.c:612 -msgid "Initgroups expiration time" -msgstr "" +#~ msgid "shadowMin attribute" +#~ msgstr "Attribut shadowMin" -#: src/tools/sssctl/sssctl_cache.c:650 -msgid "Search by group ID" -msgstr "" +#~ msgid "shadowMax attribute" +#~ msgstr "Attribut shadowMax" -#: src/tools/sssctl/sssctl_config.c:70 -#, c-format -msgid "Failed to open %s\n" -msgstr "" +#~ msgid "shadowWarning attribute" +#~ msgstr "Attribut shadowWarning" -#: src/tools/sssctl/sssctl_config.c:75 -#, c-format -msgid "File %1$s does not exist.\n" -msgstr "" +#~ msgid "shadowInactive attribute" +#~ msgstr "Attribut shadowInactive" -#: src/tools/sssctl/sssctl_config.c:79 -msgid "" -"File ownership and permissions check failed. Expected root:root and 0600.\n" -msgstr "" +#~ msgid "shadowExpire attribute" +#~ msgstr "Attribut shadowExpire" -#: src/tools/sssctl/sssctl_config.c:85 -#, c-format -msgid "Failed to load configuration configuration from %s.\n" -msgstr "" +#~ msgid "shadowFlag attribute" +#~ msgstr "Attribut shadowFlag" -#: src/tools/sssctl/sssctl_config.c:91 -msgid "Error while reading configuration directory.\n" -msgstr "" +#~ msgid "Attribute listing authorized PAM services" +#~ msgstr "Attribut listant les services PAM autorisés" -#: src/tools/sssctl/sssctl_config.c:99 -msgid "" -"There is no configuration. SSSD will use default configuration with files " -"provider.\n" -msgstr "" +#~ msgid "Attribute listing authorized server hosts" +#~ msgstr "Attribut listant les hôtes de serveurs autorisés" -#: src/tools/sssctl/sssctl_config.c:111 -msgid "Failed to run validators" -msgstr "" +#~ msgid "Attribute listing authorized server rhosts" +#~ msgstr "Attribut listant les rhosts de serveurs autorisés" -#: src/tools/sssctl/sssctl_config.c:115 -#, c-format -msgid "Issues identified by validators: %zu\n" -msgstr "" +#~ msgid "krbLastPwdChange attribute" +#~ msgstr "Attribut krbLastPwdChange" -#: src/tools/sssctl/sssctl_config.c:126 -#, c-format -msgid "Messages generated during configuration merging: %zu\n" -msgstr "" +#~ msgid "krbPasswordExpiration attribute" +#~ msgstr "Attribut krbPasswordExpiration" -#: src/tools/sssctl/sssctl_config.c:137 -#, c-format -msgid "Used configuration snippet files: %zu\n" -msgstr "" +#~ msgid "Attribute indicating that server side password policies are active" +#~ msgstr "" +#~ "Attribut indiquant que la stratégie de mot de passe du serveur est active" -#: src/tools/sssctl/sssctl_data.c:89 -#, c-format -msgid "Unable to create backup directory [%d]: %s" -msgstr "" +#~ msgid "accountExpires attribute of AD" +#~ msgstr "Attribut AD accountExpires" -#: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exists, override?" -msgstr "" +#~ msgid "userAccountControl attribute of AD" +#~ msgstr "Attribut AD userAccountControl" -#: src/tools/sssctl/sssctl_data.c:111 -msgid "Unable to export user overrides\n" -msgstr "" +#~ msgid "nsAccountLock attribute" +#~ msgstr "Attribut nsAccountLock" -#: src/tools/sssctl/sssctl_data.c:118 -msgid "Unable to export group overrides\n" -msgstr "" +#~ msgid "loginDisabled attribute of NDS" +#~ msgstr "Attribut NDS loginDisabled" -#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 -msgid "Override existing backup" -msgstr "" +#~ msgid "loginExpirationTime attribute of NDS" +#~ msgstr "Attribut NDS loginExpirationTime" -#: src/tools/sssctl/sssctl_data.c:164 -msgid "Unable to import user overrides\n" -msgstr "" +#~ msgid "loginAllowedTimeMap attribute of NDS" +#~ msgstr "Attribut NDS loginAllowedTimeMap" -#: src/tools/sssctl/sssctl_data.c:173 -msgid "Unable to import group overrides\n" -msgstr "" +#~ msgid "SSH public key attribute" +#~ msgstr "Attribut de clé public SSH" -#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 -#: src/tools/sssctl/sssctl_domains.c:328 -msgid "Start SSSD if it is not running" -msgstr "" +#~ msgid "attribute listing allowed authentication types for a user" +#~ msgstr "" +#~ "attribut énumérant les types d'authentification autorisés pour un " +#~ "utilisateur" -#: src/tools/sssctl/sssctl_data.c:195 -msgid "Restart SSSD after data import" -msgstr "" +#~ msgid "attribute containing the X509 certificate of the user" +#~ msgstr "attribut contenant le certificat X509 de l'utilisateur" -#: src/tools/sssctl/sssctl_data.c:218 -msgid "Create clean cache files and import local data" -msgstr "" +#~ msgid "attribute containing the email address of the user" +#~ msgstr "attribut contenant l’adresse email de l'utilisateur" -#: src/tools/sssctl/sssctl_data.c:219 -msgid "Stop SSSD before removing the cache" -msgstr "" +#~ msgid "A list of extra attributes to download along with the user entry" +#~ msgstr "" +#~ "Une liste des attributs supplémentaires à télécharger avec l'entrée de " +#~ "l'utilisateur" -#: src/tools/sssctl/sssctl_data.c:220 -msgid "Start SSSD when the cache is removed" -msgstr "" +#~ msgid "Base DN for group lookups" +#~ msgstr "DN de base pour les recherches de groupes" -#: src/tools/sssctl/sssctl_data.c:235 -msgid "Creating backup of local data...\n" -msgstr "" +#~ msgid "Objectclass for groups" +#~ msgstr "Classe d'objet pour les groupes" -#: src/tools/sssctl/sssctl_data.c:238 -msgid "Unable to create backup of local data, can not remove the cache.\n" -msgstr "" +#~ msgid "Group name" +#~ msgstr "Nom du groupe" + +#~ msgid "Group password" +#~ msgstr "Mot de passe du groupe" + +#~ msgid "GID attribute" +#~ msgstr "Attribut GID" + +#~ msgid "Group member attribute" +#~ msgstr "Attribut membre du groupe" -#: src/tools/sssctl/sssctl_data.c:243 -msgid "Removing cache files...\n" -msgstr "" +#~ msgid "Group UUID attribute" +#~ msgstr "attribut de l'UUID du groupe" -#: src/tools/sssctl/sssctl_data.c:246 -msgid "Unable to remove cache files\n" -msgstr "" +#~ msgid "Modification time attribute for groups" +#~ msgstr "Attribut de date de modification pour les groupes" -#: src/tools/sssctl/sssctl_data.c:251 -msgid "Restoring local data...\n" -msgstr "" +#~ msgid "Type of the group and other flags" +#~ msgstr "Type de groupe et autres indicateurs" -#: src/tools/sssctl/sssctl_domains.c:83 -msgid "Show domain list including primary or trusted domain type" -msgstr "" +#~ msgid "The LDAP group external member attribute" +#~ msgstr "L'attribut de membre externe du groupe LDAP" -#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 -#: src/tools/sssctl/sssctl_user_checks.c:95 -msgid "Unable to connect to system bus!\n" -msgstr "" +#~ msgid "Maximum nesting level SSSD will follow" +#~ msgstr "Le niveau d'imbrication maximal du SSSD suivra" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Online" -msgstr "" +#~ msgid "Base DN for netgroup lookups" +#~ msgstr "DN de base pour les recherches de netgroup" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Offline" -msgstr "" +#~ msgid "Objectclass for netgroups" +#~ msgstr "Classe d'objet pour les groupes réseau" -#: src/tools/sssctl/sssctl_domains.c:167 -#, c-format -msgid "Online status: %s\n" -msgstr "" +#~ msgid "Netgroup name" +#~ msgstr "Nom du groupe réseau" -#: src/tools/sssctl/sssctl_domains.c:213 -msgid "This domain has no active servers.\n" -msgstr "" +#~ msgid "Netgroups members attribute" +#~ msgstr "Attribut des membres des groupes réseau" -#: src/tools/sssctl/sssctl_domains.c:218 -msgid "Active servers:\n" -msgstr "" +#~ msgid "Netgroup triple attribute" +#~ msgstr "Attribut triplet du groupe réseau" -#: src/tools/sssctl/sssctl_domains.c:230 -msgid "not connected" -msgstr "" +#~ msgid "Modification time attribute for netgroups" +#~ msgstr "Attribut date de modification pour les groupes réseau" -#: src/tools/sssctl/sssctl_domains.c:267 -msgid "No servers discovered.\n" -msgstr "" +#~ msgid "Base DN for service lookups" +#~ msgstr "Nom de domaine (DN) de base pour les recherches de service" -#: src/tools/sssctl/sssctl_domains.c:273 -#, c-format -msgid "Discovered %s servers:\n" -msgstr "" +#~ msgid "Objectclass for services" +#~ msgstr "Classe objet pour les services" -#: src/tools/sssctl/sssctl_domains.c:285 -msgid "None so far.\n" -msgstr "" +#~ msgid "Service name attribute" +#~ msgstr "Attribut de nom de service" -#: src/tools/sssctl/sssctl_domains.c:325 -msgid "Show online status" -msgstr "" +#~ msgid "Service port attribute" +#~ msgstr "Attribut de port du service" -#: src/tools/sssctl/sssctl_domains.c:326 -msgid "Show information about active server" -msgstr "" +#~ msgid "Service protocol attribute" +#~ msgstr "Attribut de service du protocole" -#: src/tools/sssctl/sssctl_domains.c:327 -msgid "Show list of discovered servers" -msgstr "" +#~ msgid "Lower bound for ID-mapping" +#~ msgstr "Limite inférieure pour la correspondance d'ID" -#: src/tools/sssctl/sssctl_domains.c:333 -msgid "Specify domain name." -msgstr "" +#~ msgid "Upper bound for ID-mapping" +#~ msgstr "Limite supérieure pour la correspondance d'ID" -#: src/tools/sssctl/sssctl_domains.c:355 -msgid "Out of memory!\n" -msgstr "" +#~ msgid "Number of IDs for each slice when ID-mapping" +#~ msgstr "Nombre d'ID par tranche pour la correspondance d'ID" -#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 -msgid "Unable to get online status\n" -msgstr "" +#~ msgid "Use autorid-compatible algorithm for ID-mapping" +#~ msgstr "" +#~ "Utilisation d'un algorithme compatible autorid pour la correspondance d'ID" -#: src/tools/sssctl/sssctl_domains.c:395 -msgid "Unable to get server list\n" -msgstr "" +#~ msgid "Name of the default domain for ID-mapping" +#~ msgstr "Nom du domaine par défaut pour la correspondance d'ID" -#: src/tools/sssctl/sssctl_logs.c:47 -msgid "\n" -msgstr "\n" +#~ msgid "SID of the default domain for ID-mapping" +#~ msgstr "SID du domaine par défaut pour la correspondance d'ID" -#: src/tools/sssctl/sssctl_logs.c:237 -msgid "Delete log files instead of truncating" -msgstr "" +#~ msgid "Number of secondary slices" +#~ msgstr "Nombre de tranches secondaires" -#: src/tools/sssctl/sssctl_logs.c:248 -msgid "Deleting log files...\n" -msgstr "" +#~ msgid "Whether to use Token-Groups" +#~ msgstr "Choisir d'utiliser ou non les groupes de jetons" -#: src/tools/sssctl/sssctl_logs.c:251 -msgid "Unable to remove log files\n" -msgstr "" +#~ msgid "Set lower boundary for allowed IDs from the LDAP server" +#~ msgstr "" +#~ "Définir la limite inférieure d'identifiants autorisés pour l'annuaire LDAP" -#: src/tools/sssctl/sssctl_logs.c:257 -msgid "Truncating log files...\n" -msgstr "" +#~ msgid "Set upper boundary for allowed IDs from the LDAP server" +#~ msgstr "" +#~ "Définir la limite supérieure d'identifiants autorisés pour l'annuaire LDAP" -#: src/tools/sssctl/sssctl_logs.c:260 -msgid "Unable to truncate log files\n" -msgstr "" +#~ msgid "DN for ppolicy queries" +#~ msgstr "DN pour les requêtes sur ppolicy" -#: src/tools/sssctl/sssctl_logs.c:286 -msgid "Out of memory!" -msgstr "" +#~ msgid "How many maximum entries to fetch during a wildcard request" +#~ msgstr "" +#~ "Combien d'entrées maximum à récupérer lors d'une demande de wildcard" -#: src/tools/sssctl/sssctl_logs.c:289 -#, c-format -msgid "Archiving log files into %s...\n" -msgstr "" +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Stratégie d'évaluation de l'expiration du mot de passe" -#: src/tools/sssctl/sssctl_logs.c:292 -msgid "Unable to archive log files\n" -msgstr "" +#~ msgid "Which attributes shall be used to evaluate if an account is expired" +#~ msgstr "Quels attributs utiliser pour déterminer si un compte a expiré" -#: src/tools/sssctl/sssctl_logs.c:317 -msgid "Specify debug level you want to set" -msgstr "" +#~ msgid "Which rules should be used to evaluate access control" +#~ msgstr "Quelles règles utiliser pour évaluer le contrôle d'accès" -#: src/tools/sssctl/sssctl_user_checks.c:117 -msgid "SSSD InfoPipe user lookup result:\n" -msgstr "" +#~ msgid "URI of an LDAP server where password changes are allowed" +#~ msgstr "" +#~ "URI d'un serveur LDAP où les changements de mot de passe sont acceptés" -#: src/tools/sssctl/sssctl_user_checks.c:167 -#, c-format -msgid "dlopen failed with [%s].\n" -msgstr "" +#~ msgid "URI of a backup LDAP server where password changes are allowed" +#~ msgstr "" +#~ "URI d'un serveur LDAP de secours où sont autorisées les modifications de " +#~ "mot de passe" -#: src/tools/sssctl/sssctl_user_checks.c:174 -#, c-format -msgid "dlsym failed with [%s].\n" -msgstr "" +#~ msgid "DNS service name for LDAP password change server" +#~ msgstr "" +#~ "Nom du service DNS pour le serveur de changement de mot de passe LDAP" -#: src/tools/sssctl/sssctl_user_checks.c:182 -msgid "malloc failed.\n" -msgstr "" +#~ msgid "" +#~ "Whether to update the ldap_user_shadow_last_change attribute after a " +#~ "password change" +#~ msgstr "" +#~ "Choix de mise à jour de l'attribut ldap_user_shadow_last_change après un " +#~ "changement de mot de passe" -#: src/tools/sssctl/sssctl_user_checks.c:189 -#, c-format -msgid "sss_getpwnam_r failed with [%d].\n" -msgstr "" +#~ msgid "Base DN for sudo rules lookups" +#~ msgstr "Nom de domaine (DN) de base pour les recherches de règles sudo" -#: src/tools/sssctl/sssctl_user_checks.c:194 -msgid "SSSD nss user lookup result:\n" -msgstr "" +#~ msgid "Automatic full refresh period" +#~ msgstr "Périodicité de rafraichissement total" -#: src/tools/sssctl/sssctl_user_checks.c:195 -#, c-format -msgid " - user name: %s\n" -msgstr "" +#~ msgid "Automatic smart refresh period" +#~ msgstr "Périodicité de rafraichissement intelligent" -#: src/tools/sssctl/sssctl_user_checks.c:196 -#, c-format -msgid " - user id: %d\n" -msgstr "" +#~ msgid "Whether to filter rules by hostname, IP addresses and network" +#~ msgstr "Filter ou non sur les noms de systèmes, adresses IP et réseaux" -#: src/tools/sssctl/sssctl_user_checks.c:197 -#, c-format -msgid " - group id: %d\n" -msgstr "" +#~ msgid "" +#~ "Hostnames and/or fully qualified domain names of this machine to filter " +#~ "sudo rules" +#~ msgstr "" +#~ "Noms de systèmes et/ou noms pleinement qualifiés de cette machine pour " +#~ "filtrer les règles sudo" -#: src/tools/sssctl/sssctl_user_checks.c:198 -#, c-format -msgid " - gecos: %s\n" -msgstr "" +#~ msgid "" +#~ "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +#~ msgstr "" +#~ "Adresses ou réseaux IPv4 ou IPv6 de cette machine pour filtrer les règles " +#~ "sudo" -#: src/tools/sssctl/sssctl_user_checks.c:199 -#, c-format -msgid " - home directory: %s\n" -msgstr "" +#~ msgid "Whether to include rules that contains netgroup in host attribute" +#~ msgstr "" +#~ "Inclure ou non les règles qui contiennent un netgroup dans l'attribut host" -#: src/tools/sssctl/sssctl_user_checks.c:200 -#, c-format -msgid "" -" - shell: %s\n" -"\n" -msgstr "" +#~ msgid "" +#~ "Whether to include rules that contains regular expression in host " +#~ "attribute" +#~ msgstr "" +#~ "Inclure ou non les règles qui contiennent une expression rationnelle dans " +#~ "l'attribut host" -#: src/tools/sssctl/sssctl_user_checks.c:232 -msgid "PAM action [auth|acct|setc|chau|open|clos], default: " -msgstr "" +#~ msgid "Object class for sudo rules" +#~ msgstr "Classe objet pour les règles sudo" -#: src/tools/sssctl/sssctl_user_checks.c:235 -msgid "PAM service, default: " -msgstr "" +#~ msgid "Name of attribute that is used as object class for sudo rules" +#~ msgstr "" +#~ "Nom de l'attribut qui est utilisé comme classe d'objet pour les règles " +#~ "sudo" -#: src/tools/sssctl/sssctl_user_checks.c:240 -msgid "Specify user name." -msgstr "" +#~ msgid "Sudo rule name" +#~ msgstr "Règle de nom sudo" -#: src/tools/sssctl/sssctl_user_checks.c:247 -#, c-format -msgid "" -"user: %s\n" -"action: %s\n" -"service: %s\n" -"\n" -msgstr "" +#~ msgid "Sudo rule command attribute" +#~ msgstr "Attribut de commande de règle sudo" -#: src/tools/sssctl/sssctl_user_checks.c:252 -#, c-format -msgid "User name lookup with [%s] failed.\n" -msgstr "" +#~ msgid "Sudo rule host attribute" +#~ msgstr "Attribut hôte de la règle sudo" -#: src/tools/sssctl/sssctl_user_checks.c:257 -#, c-format -msgid "InfoPipe User lookup with [%s] failed.\n" -msgstr "" +#~ msgid "Sudo rule user attribute" +#~ msgstr "Attribut utilisateur de la règle sudo" -#: src/tools/sssctl/sssctl_user_checks.c:263 -#, c-format -msgid "pam_start failed: %s\n" -msgstr "" +#~ msgid "Sudo rule option attribute" +#~ msgstr "Attribut option de la règle sudo" -#: src/tools/sssctl/sssctl_user_checks.c:268 -msgid "" -"testing pam_authenticate\n" -"\n" -msgstr "" +#~ msgid "Sudo rule runas attribute" +#~ msgstr "Attribut de règle sudo runas" -#: src/tools/sssctl/sssctl_user_checks.c:272 -#, c-format -msgid "pam_get_item failed: %s\n" -msgstr "" +#~ msgid "Sudo rule runasuser attribute" +#~ msgstr "Attribut runasuser de la règle sudo" -#: src/tools/sssctl/sssctl_user_checks.c:275 -#, c-format -msgid "" -"pam_authenticate for user [%s]: %s\n" -"\n" -msgstr "" +#~ msgid "Sudo rule runasgroup attribute" +#~ msgstr "Attribut runasgroup de la règle sudo" -#: src/tools/sssctl/sssctl_user_checks.c:278 -msgid "" -"testing pam_chauthtok\n" -"\n" -msgstr "" +#~ msgid "Sudo rule notbefore attribute" +#~ msgstr "Attribut notbefore de la règle sudo" -#: src/tools/sssctl/sssctl_user_checks.c:280 -#, c-format -msgid "" -"pam_chauthtok: %s\n" -"\n" -msgstr "" +#~ msgid "Sudo rule notafter attribute" +#~ msgstr "Attribut notafter de règle sudo" -#: src/tools/sssctl/sssctl_user_checks.c:282 -msgid "" -"testing pam_acct_mgmt\n" -"\n" -msgstr "" +#~ msgid "Sudo rule order attribute" +#~ msgstr "Attribut d'ordre de règle sudo" -#: src/tools/sssctl/sssctl_user_checks.c:284 -#, c-format -msgid "" -"pam_acct_mgmt: %s\n" -"\n" -msgstr "" +#~ msgid "Object class for automounter maps" +#~ msgstr "Classe objet pour la carte de montage automatique" -#: src/tools/sssctl/sssctl_user_checks.c:286 -msgid "" -"testing pam_setcred\n" -"\n" -msgstr "" +#~ msgid "Automounter map name attribute" +#~ msgstr "Nom de l'attribut de carte de montage automatique" -#: src/tools/sssctl/sssctl_user_checks.c:288 -#, c-format -msgid "" -"pam_setcred: [%s]\n" -"\n" -msgstr "" +#~ msgid "Object class for automounter map entries" +#~ msgstr "Classe objet pour l'entrée de référence de montage automatique" -#: src/tools/sssctl/sssctl_user_checks.c:290 -msgid "" -"testing pam_open_session\n" -"\n" -msgstr "" +#~ msgid "Automounter map entry key attribute" +#~ msgstr "Attribut de clé d'entrée pour la carte de montage automatique" -#: src/tools/sssctl/sssctl_user_checks.c:292 -#, c-format -msgid "" -"pam_open_session: %s\n" -"\n" -msgstr "" +#~ msgid "Automounter map entry value attribute" +#~ msgstr "Attribut de valeur pour la carte de montage automatique" -#: src/tools/sssctl/sssctl_user_checks.c:294 -msgid "" -"testing pam_close_session\n" -"\n" -msgstr "" +#~ msgid "Base DN for automounter map lookups" +#~ msgstr "Base DN pour les requêtes de carte de montage automatique" -#: src/tools/sssctl/sssctl_user_checks.c:296 -#, c-format -msgid "" -"pam_close_session: %s\n" -"\n" -msgstr "" +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Liste, séparée par des virgules, d'utilisateurs autorisés" -#: src/tools/sssctl/sssctl_user_checks.c:298 -msgid "unknown action\n" -msgstr "" +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Liste, séparée par des virgules, d'utilisateurs interdits" -#: src/tools/sssctl/sssctl_user_checks.c:301 -msgid "PAM Environment:\n" -msgstr "" +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Interpréteur de commande par défaut : /bin/bash" -#: src/tools/sssctl/sssctl_user_checks.c:309 -msgid " - no env -\n" -msgstr "" +#~ msgid "Base for home directories" +#~ msgstr "Base pour les répertoires utilisateur" -#: src/util/util.h:82 -msgid "The user ID to run the server as" -msgstr "L'identifiant utilisateur sous lequel faire tourner le serveur" +#~ msgid "The number of preforked proxy children." +#~ msgstr "Le nombre d'enfants proxy pré-fourche." -#: src/util/util.h:84 -msgid "The group ID to run the server as" -msgstr "L'identifiant de groupe sous lequel faire tourner le serveur" +#~ msgid "The name of the NSS library to use" +#~ msgstr "Nom de la bibliothèque NSS à utiliser" -#: src/util/util.h:92 -msgid "Informs that the responder has been socket-activated" -msgstr "" +#~ msgid "Whether to look up canonical group name from cache if possible" +#~ msgstr "Rechercher le nom canonique du groupe dans le cache si possible" -#: src/util/util.h:94 -msgid "Informs that the responder has been dbus-activated" -msgstr "" +#~ msgid "PAM stack to use" +#~ msgstr "Pile PAM à utiliser" + +#~ msgid "Path of passwd file sources." +#~ msgstr "Chemin des sources des fichiers passwd." + +#~ msgid "Path of group file sources." +#~ msgstr "Chemin des sources des fichiers de groupe." diff --git a/po/hu.po b/po/hu.po index d49e394512..4ebef036a8 100644 --- a/po/hu.po +++ b/po/hu.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:45+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Hungarian (http://www.transifex.com/projects/p/sssd/language/" @@ -22,1535 +22,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Elindítandó SSSD szolgáltatások" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "SSSD által figyelmen kívül hagyott felhasználók" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "SSSD által figyelmen kívül hagyott csoportok" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "Hány sikertelen bejelentkezés engedélyezett offline állapotban" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Azonosító-kiszolgáló" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Legkisebb felhasználói azonosító" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Legnagyobb felhasználói azonosító" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Azonosítók gyorsítótárazása offline használathoz" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Bejegyzés-gyorsítótár érvényessége (másodperc)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA-tartomány" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "IPA kiszolgáló címe" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "IPA kliens hosztneve" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Kerberos-kiszolgáló címe" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Kerberos-tartomány" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Időtúllépés azonosításkor" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, az LDAP szerver URI-ja" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "Alapértelmezett LDAP alap-DN-je" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Az LDAP szerveren használt séma-típus, rfc2307" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "Az alapértelmezett bind DN" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "A kapcsolódási próbálkozás időtartama" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "A CA tanusítványokat tartalmazó fájl" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "TLS tanusítvány ellenőrzése" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "TLS megkövetelése ID keresésekor" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "GECOS attribútum" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Shell attribútum" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Teljes név" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "memberOf attribútum" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Csoport neve" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Csoport jelszava" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Alapértelmezett shell, /bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "Időbélyegek a hibakeresési kimenetben" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "Mikroszekundum pontosságú időbélyegek" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1590,7 +110,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2405,7 +925,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2582,44 +1102,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2828,3 +1348,93 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "SSSD Services to start" +#~ msgstr "Elindítandó SSSD szolgáltatások" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "SSSD által figyelmen kívül hagyott felhasználók" + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "SSSD által figyelmen kívül hagyott csoportok" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "Hány sikertelen bejelentkezés engedélyezett offline állapotban" + +#~ msgid "Authentication provider" +#~ msgstr "Azonosító-kiszolgáló" + +#~ msgid "Minimum user ID" +#~ msgstr "Legkisebb felhasználói azonosító" + +#~ msgid "Maximum user ID" +#~ msgstr "Legnagyobb felhasználói azonosító" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "Azonosítók gyorsítótárazása offline használathoz" + +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Bejegyzés-gyorsítótár érvényessége (másodperc)" + +#~ msgid "IPA domain" +#~ msgstr "IPA-tartomány" + +#~ msgid "IPA server address" +#~ msgstr "IPA kiszolgáló címe" + +#~ msgid "IPA client hostname" +#~ msgstr "IPA kliens hosztneve" + +#~ msgid "Kerberos server address" +#~ msgstr "Kerberos-kiszolgáló címe" + +#~ msgid "Kerberos realm" +#~ msgstr "Kerberos-tartomány" + +#~ msgid "Authentication timeout" +#~ msgstr "Időtúllépés azonosításkor" + +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, az LDAP szerver URI-ja" + +#~ msgid "The default base DN" +#~ msgstr "Alapértelmezett LDAP alap-DN-je" + +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Az LDAP szerveren használt séma-típus, rfc2307" + +#~ msgid "The default bind DN" +#~ msgstr "Az alapértelmezett bind DN" + +#~ msgid "Length of time to attempt connection" +#~ msgstr "A kapcsolódási próbálkozás időtartama" + +#~ msgid "File that contains CA certificates" +#~ msgstr "A CA tanusítványokat tartalmazó fájl" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "TLS tanusítvány ellenőrzése" + +#~ msgid "Require TLS for ID lookups" +#~ msgstr "TLS megkövetelése ID keresésekor" + +#~ msgid "GECOS attribute" +#~ msgstr "GECOS attribútum" + +#~ msgid "Shell attribute" +#~ msgstr "Shell attribútum" + +#~ msgid "Full Name" +#~ msgstr "Teljes név" + +#~ msgid "memberOf attribute" +#~ msgstr "memberOf attribútum" + +#~ msgid "Group name" +#~ msgstr "Csoport neve" + +#~ msgid "Group password" +#~ msgstr "Csoport jelszava" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Alapértelmezett shell, /bin/bash" diff --git a/po/id.po b/po/id.po index 3ffde26aae..31d7fe2402 100644 --- a/po/id.po +++ b/po/id.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:46+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Indonesian (http://www.transifex.com/projects/p/sssd/language/" @@ -19,1535 +19,55 @@ msgstr "" "Plural-Forms: nplurals=1; plural=0;\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Mengatur verbosity dari pencatatan debug" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Sertakan cap waktu di pencatatan debug" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Menulis pesan debug ke berkas log" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Perintah untuk memulai layanan" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Jumlah usaha yang dilakukan untuk mencoba koneksi ke Penyedia Data" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Layanan SSSD akan dijalankan" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "Domain SSSD akan dijalankan" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Pengguna yang diabaikan secara eksplisit oleh SSSD" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Grup yang diabaikan secara eksplisit oleh SSSD" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Haruskah pengguna yang disaring muncul dalam grup" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "Nilai kolom kata sandi yang harus dikembalikan oleh penyedia NSS" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Penyedia identitas" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Penyedia otentikasi" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Penyedia kontrol akses" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Penyedia pengubah kata sandi" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "ID pengguna minimum" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "ID pengguna maksimum" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "Domain IPA" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "Alamat server IPA" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "Nama host klien IPA" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Alamat server Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Realm Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, URI server LDAP" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Jenis Skema yang digunakan pada server LDAP, rfc2307" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Lamanya waktu untuk mencoba koneksi" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Lamanya waktu untuk mencoba operasi LDAP yang sinkron" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Membutuhkan verifikasi sertifikat TLS" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Tentukan mekanisme sasl yang digunakan" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Tentukan id otorisasi sasl yang digunakan" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Keytab layanan Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Lingkup pencarian pengguna" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Filter pencarian pengguna" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Objectclass untuk pengguna" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Atribut Nama pengguna" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "Atribut UID" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Atribut GID Primer" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "Atribut GECOS" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Atribut direktori Home" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Atribut Shell" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Atribut utama pengguna (untuk Kerberos)" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Nama Lengkap" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "Atribut memberOf" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Atribut waktu modifikasi" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Daftar pengguna yang diijinkan dalam format yang dipisahkan koma" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Daftar pengguna yang tidak diijinkan dalam format yang dipisahkan koma" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Shell default, /bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1587,7 +107,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2414,7 +934,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2591,44 +1111,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2837,3 +1357,148 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Mengatur verbosity dari pencatatan debug" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Sertakan cap waktu di pencatatan debug" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Menulis pesan debug ke berkas log" + +#~ msgid "Command to start service" +#~ msgstr "Perintah untuk memulai layanan" + +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "Jumlah usaha yang dilakukan untuk mencoba koneksi ke Penyedia Data" + +#~ msgid "SSSD Services to start" +#~ msgstr "Layanan SSSD akan dijalankan" + +#~ msgid "SSSD Domains to start" +#~ msgstr "Domain SSSD akan dijalankan" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Pengguna yang diabaikan secara eksplisit oleh SSSD" + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Grup yang diabaikan secara eksplisit oleh SSSD" + +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Haruskah pengguna yang disaring muncul dalam grup" + +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "Nilai kolom kata sandi yang harus dikembalikan oleh penyedia NSS" + +#~ msgid "Identity provider" +#~ msgstr "Penyedia identitas" + +#~ msgid "Authentication provider" +#~ msgstr "Penyedia otentikasi" + +#~ msgid "Access control provider" +#~ msgstr "Penyedia kontrol akses" + +#~ msgid "Password change provider" +#~ msgstr "Penyedia pengubah kata sandi" + +#~ msgid "Minimum user ID" +#~ msgstr "ID pengguna minimum" + +#~ msgid "Maximum user ID" +#~ msgstr "ID pengguna maksimum" + +#~ msgid "IPA domain" +#~ msgstr "Domain IPA" + +#~ msgid "IPA server address" +#~ msgstr "Alamat server IPA" + +#~ msgid "IPA client hostname" +#~ msgstr "Nama host klien IPA" + +#~ msgid "Kerberos server address" +#~ msgstr "Alamat server Kerberos" + +#~ msgid "Kerberos realm" +#~ msgstr "Realm Kerberos" + +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, URI server LDAP" + +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Jenis Skema yang digunakan pada server LDAP, rfc2307" + +#~ msgid "Length of time to attempt connection" +#~ msgstr "Lamanya waktu untuk mencoba koneksi" + +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Lamanya waktu untuk mencoba operasi LDAP yang sinkron" + +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "Membutuhkan verifikasi sertifikat TLS" + +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Tentukan mekanisme sasl yang digunakan" + +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Tentukan id otorisasi sasl yang digunakan" + +#~ msgid "Kerberos service keytab" +#~ msgstr "Keytab layanan Kerberos" + +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP" + +#~ msgid "Scope of user lookups" +#~ msgstr "Lingkup pencarian pengguna" + +#~ msgid "Filter for user lookups" +#~ msgstr "Filter pencarian pengguna" + +#~ msgid "Objectclass for users" +#~ msgstr "Objectclass untuk pengguna" + +#~ msgid "Username attribute" +#~ msgstr "Atribut Nama pengguna" + +#~ msgid "UID attribute" +#~ msgstr "Atribut UID" + +#~ msgid "Primary GID attribute" +#~ msgstr "Atribut GID Primer" + +#~ msgid "GECOS attribute" +#~ msgstr "Atribut GECOS" + +#~ msgid "Home directory attribute" +#~ msgstr "Atribut direktori Home" + +#~ msgid "Shell attribute" +#~ msgstr "Atribut Shell" + +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Atribut utama pengguna (untuk Kerberos)" + +#~ msgid "Full Name" +#~ msgstr "Nama Lengkap" + +#~ msgid "memberOf attribute" +#~ msgstr "Atribut memberOf" + +#~ msgid "Modification time attribute" +#~ msgstr "Atribut waktu modifikasi" + +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Daftar pengguna yang diijinkan dalam format yang dipisahkan koma" + +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "" +#~ "Daftar pengguna yang tidak diijinkan dalam format yang dipisahkan koma" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Shell default, /bin/bash" diff --git a/po/it.po b/po/it.po index d01ff1b41c..6556381a33 100644 --- a/po/it.po +++ b/po/it.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2019-03-06 08:57+0000\n" "Last-Translator: Milo Casagrande \n" "Language-Team: Italian (http://www.transifex.com/projects/p/sssd/language/" @@ -21,1549 +21,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Imposta il livello di dettaglio dei messaggi di debug" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Include marcatura temporale nei messaggi di registro" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "Include i microsecondi nella marcatura temporale per il debug" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Scrive i messaggi di debug nei file di registro" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "Timeout di controllo prima di riavviare il servizio" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Comando per avviare il servizio" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Numero di tentativi di connessione ai provider dati" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" -"Il numero di descrittori file che possono essere aperti da questo responder" - -#: src/config/SSSDConfig/__init__.py.in:52 -#, fuzzy -msgid "Idle time before automatic disconnection of a client" -msgstr "" -"Tempo di attesa prima di interrompere automaticamente una connessione client" - -#: src/config/SSSDConfig/__init__.py.in:53 -#, fuzzy -msgid "Idle time before automatic shutdown of the responder" -msgstr "Tempo di attesa prima di chiudere automaticamente il responder" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "Interrogare tutte le cache prima dei provider dati" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Servizi SSD da avviare" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "Domini SSD da avviare" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Timeout dei messaggi inviati tramite SBUS" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "Espressione regolare per leggere nome utente e dominio" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "Formato compatibile con printf per la visualizzazione di nomi completi" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "Directory dove salvare file di cache delle risposte Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "Regola il controllo del certificato" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "Durata timeout aggiornamento cache in background (secondi)" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "Durata timeout negative cache (secondi)" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Utenti che SSSD dovrebbe ignorare esplicitamente" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Gruppi che SSSD dovrebbe ignorare esplicitamente" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Indica se mostrare gli utenti filtrati nei gruppi" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" -"Il valore del campo password che deve essere ritornato dal provider NSS" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "Per quanto tempo accettare login in cache tra login online (giorni)" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "Numero di tentativi di login falliti quando offline" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" -"Per quanto tempo (minuti) negare i tentativi di login dopo che " -"offline_failed_login_attemps è stato raggiunto" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Provider di identità" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Provider di autenticazione" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Provider di access control" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Provider di cambio password" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "ID utente minimo" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "ID utente massimo" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Consentire l'enumerazione di tutti gli utenti/gruppi" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Salvare in cache le credenziali per login offline" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Mostrare utenti/gruppi in formato fully-qualified" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Durata timeout elementi in cache (secondi)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" -"Restringere o preferire una specifica famiglia di indirizzi per l'esecuzione " -"di lookup DNS" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" -"Per quanto tempo tenere in cache gli elementi dopo un login che ha avuto " -"successo (giorni)" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "Il tempo di attesa per le richieste DNS (secondi)" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" -"L'interfaccia il cui indirizzo IP dovrebbe essere usato per aggiornamenti " -"DNS dinamici." - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "Dominio IPA" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "Indirizzo del server IPA" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "Hostname del client IPA" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "Filtro LDAP per determinare i privilegi di accesso" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Indirizzo del server Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Realm Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Timeout di autenticazione" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Directory in cui salvare le credenziali" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Percorso della cache delle credenziali utente" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Percorso del keytab per la validazione delle credenziali" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Abilita la validazione delle credenziali" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "Intervallo di tempo tra due controlli di rinnovo" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "Abilita FAST" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" -"Server dove viene eseguito il servizio di cambio password, se non nel KDC" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, l'indirizzo del server LDAP" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "Il base DN predefinito" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Lo Schema Type utilizzato dal server LDAP, rfc2307" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "Il bind DN predefinito" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "Il tipo di token di autenticazione del bind DN predefinito" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "Il token di autenticazione del bind DN predefinito" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Durata del tentativo di connessione" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Durata del tentativo di esecuzione di operazioni LDAP sincrone" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "Durata tra tentativi di riconnessione quando offline" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "Usare solo maiuscole per i nomi dei realm" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "File contenente i certificati CA" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Percorso della directory dei cerficati della CA" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "File contenente il certificato client" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "File contenente la chiave client" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "Lista delle possibili cipher suite" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Richiedere la verifica del certificato TLS" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Specificare il meccanismo sasl da usare" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Specificare l'id di autorizzazione sasl da usare" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Keytab del servizio Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Usare autorizzazione Kerberos per la connessione LDAP" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Seguire i referral LDAP" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "Metodo di deferenziazione degli alias" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Durata attesa per le richieste di ricerca" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Durata tra gli aggiornamenti alle enumeration" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "Intervallo di tempo per la pulizia cache" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "Richiedere TLS per gli ID lookup" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "Base DN per i lookup utente" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Ambito di applicazione dei lookup utente" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Filtro per i lookup utente" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Objectclass per gli utenti" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Attributo del nome utente" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "Attributo UID" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Attributo del GID primario" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "Attributo GECOS" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Attributo della home directory" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Attributo della shell" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Attributo user principal (per Kerberos)" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Nome completo" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "Attributo memberOf" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Attributo data di modifica" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Politica per controllare la scadenza della password" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Lista separata da virgola degli utenti abilitati" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Lista separata da virgola degli utenti non abilitati" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Shell predefinita, /bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Base delle home directory" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "Il nome della libreria NSS da usare" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "Stack PAM da usare" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "Esegui come demone (default)" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "Esegui interattivamente (non come demone)" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "Specificare un file di configurazione specifico" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "Livello debug" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "Includi timestamp di debug" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "Un descrittore di file aperto per l'output di debug" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1603,7 +109,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "Dominio del provider di informazioni (obbligatorio)" @@ -2435,7 +941,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2612,44 +1118,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2858,3 +1364,333 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Imposta il livello di dettaglio dei messaggi di debug" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Include marcatura temporale nei messaggi di registro" + +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "Include i microsecondi nella marcatura temporale per il debug" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Scrive i messaggi di debug nei file di registro" + +#~ msgid "Watchdog timeout before restarting service" +#~ msgstr "Timeout di controllo prima di riavviare il servizio" + +#~ msgid "Command to start service" +#~ msgstr "Comando per avviare il servizio" + +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "Numero di tentativi di connessione ai provider dati" + +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "" +#~ "Il numero di descrittori file che possono essere aperti da questo " +#~ "responder" + +#, fuzzy +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "" +#~ "Tempo di attesa prima di interrompere automaticamente una connessione " +#~ "client" + +#, fuzzy +#~ msgid "Idle time before automatic shutdown of the responder" +#~ msgstr "Tempo di attesa prima di chiudere automaticamente il responder" + +#~ msgid "Always query all the caches before querying the Data Providers" +#~ msgstr "Interrogare tutte le cache prima dei provider dati" + +#~ msgid "SSSD Services to start" +#~ msgstr "Servizi SSD da avviare" + +#~ msgid "SSSD Domains to start" +#~ msgstr "Domini SSD da avviare" + +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Timeout dei messaggi inviati tramite SBUS" + +#~ msgid "Regex to parse username and domain" +#~ msgstr "Espressione regolare per leggere nome utente e dominio" + +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "" +#~ "Formato compatibile con printf per la visualizzazione di nomi completi" + +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "Directory dove salvare file di cache delle risposte Kerberos" + +#~ msgid "Tune certificate verification" +#~ msgstr "Regola il controllo del certificato" + +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "Durata timeout aggiornamento cache in background (secondi)" + +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "Durata timeout negative cache (secondi)" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Utenti che SSSD dovrebbe ignorare esplicitamente" + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Gruppi che SSSD dovrebbe ignorare esplicitamente" + +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Indica se mostrare gli utenti filtrati nei gruppi" + +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "" +#~ "Il valore del campo password che deve essere ritornato dal provider NSS" + +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "Per quanto tempo accettare login in cache tra login online (giorni)" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "Numero di tentativi di login falliti quando offline" + +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Per quanto tempo (minuti) negare i tentativi di login dopo che " +#~ "offline_failed_login_attemps è stato raggiunto" + +#~ msgid "Identity provider" +#~ msgstr "Provider di identità" + +#~ msgid "Authentication provider" +#~ msgstr "Provider di autenticazione" + +#~ msgid "Access control provider" +#~ msgstr "Provider di access control" + +#~ msgid "Password change provider" +#~ msgstr "Provider di cambio password" + +#~ msgid "Minimum user ID" +#~ msgstr "ID utente minimo" + +#~ msgid "Maximum user ID" +#~ msgstr "ID utente massimo" + +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Consentire l'enumerazione di tutti gli utenti/gruppi" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "Salvare in cache le credenziali per login offline" + +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Mostrare utenti/gruppi in formato fully-qualified" + +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Durata timeout elementi in cache (secondi)" + +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Restringere o preferire una specifica famiglia di indirizzi per " +#~ "l'esecuzione di lookup DNS" + +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Per quanto tempo tenere in cache gli elementi dopo un login che ha avuto " +#~ "successo (giorni)" + +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "Il tempo di attesa per le richieste DNS (secondi)" + +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "" +#~ "L'interfaccia il cui indirizzo IP dovrebbe essere usato per aggiornamenti " +#~ "DNS dinamici." + +#~ msgid "IPA domain" +#~ msgstr "Dominio IPA" + +#~ msgid "IPA server address" +#~ msgstr "Indirizzo del server IPA" + +#~ msgid "IPA client hostname" +#~ msgstr "Hostname del client IPA" + +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "Filtro LDAP per determinare i privilegi di accesso" + +#~ msgid "Kerberos server address" +#~ msgstr "Indirizzo del server Kerberos" + +#~ msgid "Kerberos realm" +#~ msgstr "Realm Kerberos" + +#~ msgid "Authentication timeout" +#~ msgstr "Timeout di autenticazione" + +#~ msgid "Directory to store credential caches" +#~ msgstr "Directory in cui salvare le credenziali" + +#~ msgid "Location of the user's credential cache" +#~ msgstr "Percorso della cache delle credenziali utente" + +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Percorso del keytab per la validazione delle credenziali" + +#~ msgid "Enable credential validation" +#~ msgstr "Abilita la validazione delle credenziali" + +#~ msgid "Time between two checks for renewal" +#~ msgstr "Intervallo di tempo tra due controlli di rinnovo" + +#~ msgid "Enables FAST" +#~ msgstr "Abilita FAST" + +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "" +#~ "Server dove viene eseguito il servizio di cambio password, se non nel KDC" + +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, l'indirizzo del server LDAP" + +#~ msgid "The default base DN" +#~ msgstr "Il base DN predefinito" + +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Lo Schema Type utilizzato dal server LDAP, rfc2307" + +#~ msgid "The default bind DN" +#~ msgstr "Il bind DN predefinito" + +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "Il tipo di token di autenticazione del bind DN predefinito" + +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "Il token di autenticazione del bind DN predefinito" + +#~ msgid "Length of time to attempt connection" +#~ msgstr "Durata del tentativo di connessione" + +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Durata del tentativo di esecuzione di operazioni LDAP sincrone" + +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "Durata tra tentativi di riconnessione quando offline" + +#~ msgid "Use only the upper case for realm names" +#~ msgstr "Usare solo maiuscole per i nomi dei realm" + +#~ msgid "File that contains CA certificates" +#~ msgstr "File contenente i certificati CA" + +#~ msgid "Path to CA certificate directory" +#~ msgstr "Percorso della directory dei cerficati della CA" + +#~ msgid "File that contains the client certificate" +#~ msgstr "File contenente il certificato client" + +#~ msgid "File that contains the client key" +#~ msgstr "File contenente la chiave client" + +#~ msgid "List of possible ciphers suites" +#~ msgstr "Lista delle possibili cipher suite" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "Richiedere la verifica del certificato TLS" + +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Specificare il meccanismo sasl da usare" + +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Specificare l'id di autorizzazione sasl da usare" + +#~ msgid "Kerberos service keytab" +#~ msgstr "Keytab del servizio Kerberos" + +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Usare autorizzazione Kerberos per la connessione LDAP" + +#~ msgid "Follow LDAP referrals" +#~ msgstr "Seguire i referral LDAP" + +#~ msgid "How to dereference aliases" +#~ msgstr "Metodo di deferenziazione degli alias" + +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Durata attesa per le richieste di ricerca" + +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Durata tra gli aggiornamenti alle enumeration" + +#~ msgid "Length of time between cache cleanups" +#~ msgstr "Intervallo di tempo per la pulizia cache" + +#~ msgid "Require TLS for ID lookups" +#~ msgstr "Richiedere TLS per gli ID lookup" + +#~ msgid "Base DN for user lookups" +#~ msgstr "Base DN per i lookup utente" + +#~ msgid "Scope of user lookups" +#~ msgstr "Ambito di applicazione dei lookup utente" + +#~ msgid "Filter for user lookups" +#~ msgstr "Filtro per i lookup utente" + +#~ msgid "Objectclass for users" +#~ msgstr "Objectclass per gli utenti" + +#~ msgid "Username attribute" +#~ msgstr "Attributo del nome utente" + +#~ msgid "UID attribute" +#~ msgstr "Attributo UID" + +#~ msgid "Primary GID attribute" +#~ msgstr "Attributo del GID primario" + +#~ msgid "GECOS attribute" +#~ msgstr "Attributo GECOS" + +#~ msgid "Home directory attribute" +#~ msgstr "Attributo della home directory" + +#~ msgid "Shell attribute" +#~ msgstr "Attributo della shell" + +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Attributo user principal (per Kerberos)" + +#~ msgid "Full Name" +#~ msgstr "Nome completo" + +#~ msgid "memberOf attribute" +#~ msgstr "Attributo memberOf" + +#~ msgid "Modification time attribute" +#~ msgstr "Attributo data di modifica" + +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Politica per controllare la scadenza della password" + +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Lista separata da virgola degli utenti abilitati" + +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Lista separata da virgola degli utenti non abilitati" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Shell predefinita, /bin/bash" + +#~ msgid "Base for home directories" +#~ msgstr "Base delle home directory" + +#~ msgid "The name of the NSS library to use" +#~ msgstr "Il nome della libreria NSS da usare" + +#~ msgid "PAM stack to use" +#~ msgstr "Stack PAM da usare" diff --git a/po/ja.po b/po/ja.po index 9056f7385a..503ece1dee 100644 --- a/po/ja.po +++ b/po/ja.po @@ -6,13 +6,15 @@ # Tomoyuki KATO , 2012-2013 # Noriko Mizumoto , 2016. #zanata # Keiko Moriguchi , 2019. #zanata +# Ludek Janda , 2020. #zanata +# Pavel Brezina , 2020. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" -"PO-Revision-Date: 2019-10-07 11:46+0000\n" -"Last-Translator: Keiko Moriguchi \n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" +"PO-Revision-Date: 2020-05-19 10:06+0000\n" +"Last-Translator: Pavel Brezina \n" "Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/" "ja/)\n" "Language: ja\n" @@ -22,2917 +24,2585 @@ msgstr "" "Plural-Forms: nplurals=1; plural=0;\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "デバッグのロギングの冗長性を設定する" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "デバッグログにタイムスタンプを含める" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "デバッグログにミリ秒単位のタイムスタンプを含める" +#: src/monitor/monitor.c:2371 +msgid "Become a daemon (default)" +msgstr "デーモンとして実行(デフォルト)" -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "デバッグメッセージをログファイルに書き込む" +#: src/monitor/monitor.c:2373 +msgid "Run interactive (not a daemon)" +msgstr "対話的に実行(デーモンではない)" -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "サービス再起動前の Watchdog タイムアウト" +#: src/monitor/monitor.c:2376 +msgid "Disable netlink interface" +msgstr "netlink インターフェースを無効にする" -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "サービス開始のコマンド" +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 +msgid "Specify a non-default config file" +msgstr "非標準の設定ファイルの指定" -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "データプロバイダーの接続を試行する回数" +#: src/monitor/monitor.c:2380 +msgid "Refresh the configuration database, then exit" +msgstr "設定データベースをリフレッシュし、その後終了します" -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "このレスポンダーににより開かれるファイル記述子の数" +#: src/monitor/monitor.c:2383 +msgid "Similar to --genconf, but only refreshes the given section" +msgstr "--genconf と似ていますが、任意のセクションのみをリフレッシュします" -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "クライアントの自動切断までのアイドル時間" +#: src/monitor/monitor.c:2386 +msgid "Print version number and exit" +msgstr "バージョン番号を表示して終了する" -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "レスポンダーの自動シャットダウンまでのアイドル時間" +#: src/monitor/monitor.c:2532 +msgid "SSSD is already running\n" +msgstr "SSSD はすでに実行中です\n" -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" -"データプロバイダーをクエリーする前に、常にすべてのキャッシュをクエリーします" +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 +msgid "Debug level" +msgstr "デバッグレベル" -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "開始する SSSD サービス" +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 +msgid "Add debug timestamps" +msgstr "デバッグのタイムスタンプを追加する" -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "開始する SSSD ドメイン" +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 +msgid "Show timestamps with microseconds" +msgstr "タイムスタンプをミリ秒単位で表示する" -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "SBUS 経由のメッセージ送信のタイムアウト" +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 +msgid "An open file descriptor for the debug logs" +msgstr "デバッグログのオープンファイルディスクリプター" -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "ユーザー名とドメインを構文解析する正規表現" +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 +msgid "Send the debug output to stderr directly." +msgstr "デバッグ出力を stderr に直接送信します。" -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "完全修飾名を表示するための printf 互換の形式" +#: src/providers/krb5/krb5_child.c:3245 +msgid "The user to create FAST ccache as" +msgstr "次のように FAST ccache を作成するユーザー" -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"SSSD が Kerberos リプレイキャッシュファイルを保存するファイルシステムのディレ" -"クトリです。" +#: src/providers/krb5/krb5_child.c:3247 +msgid "The group to create FAST ccache as" +msgstr "次のように FAST ccache を作成するグループ" -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "domain 要素なしで追加するドメインの名前。" +#: src/providers/krb5/krb5_child.c:3249 +msgid "Kerberos realm to use" +msgstr "使用する Kerberos レルム" -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "ユーザーが特権を停止します" +#: src/providers/krb5/krb5_child.c:3251 +msgid "Requested lifetime of the ticket" +msgstr "チケットの要求された有効期間" -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "証明書検証の調整" +#: src/providers/krb5/krb5_child.c:3253 +msgid "Requested renewable lifetime of the ticket" +msgstr "チケットの要求された更新可能な有効期間" -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" -"グループ名またはユーザー名のすべてのスペースは、この文字に置き換えられます" +#: src/providers/krb5/krb5_child.c:3255 +msgid "FAST options ('never', 'try', 'demand')" +msgstr "FAST のオプション ('never'、'try'、'demand')" -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "SSSD を調整し、netlink の状態変更を尊重するか、または無視します" +#: src/providers/krb5/krb5_child.c:3258 +msgid "Specifies the server principal to use for FAST" +msgstr "FAST で使用するサーバープリンシパルを指定します" -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "暗黙のファイルドメインを有効化または無効化する" +#: src/providers/krb5/krb5_child.c:3260 +msgid "Requests canonicalization of the principal name" +msgstr "プリンシパル名の正規化を要求します" -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "検索するドメインの特定の順番" +#: src/providers/krb5/krb5_child.c:3262 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "krb5_get_init_creds_password のカスタムバージョンを使用します" -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "列挙キャッシュのタイムアウト(秒)" +#: src/providers/data_provider_be.c:674 +msgid "Domain of the information provider (mandatory)" +msgstr "情報プロバイダーのドメイン (必須)" -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "エントリーキャッシュのバックグラウンド更新のタイムアウト時間(秒)" +#: src/sss_client/common.c:1079 +msgid "Privileged socket has wrong ownership or permissions." +msgstr "特権ソケットの所有者またはパーミッションが誤っています。" -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "ネガティブキャッシュのタイムアウト(秒)" +#: src/sss_client/common.c:1082 +msgid "Public socket has wrong ownership or permissions." +msgstr "公開ソケットの所有者またはパーミッションが誤っています。" -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "ファイルネガティブキャッシュのタイムアウト時間(秒)" +#: src/sss_client/common.c:1085 +msgid "Unexpected format of the server credential message." +msgstr "サーバーのクレデンシャルメッセージの予期しない形式です。" -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "SSSD が明示的に無視するユーザー" +#: src/sss_client/common.c:1088 +msgid "SSSD is not run by root." +msgstr "SSSD は root により実行されません。" -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "SSSD が明示的に無視するグループ" +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "SSSD ソケットは存在しません。" -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "フィルターされたユーザーをグループに表示する" +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "SSSD ソケットの統計を取得できません。" -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "NSS プロバイダーが返すパスワード項目の値" +#: src/sss_client/common.c:1099 +msgid "An error occurred, but no description can be found." +msgstr "エラーが発生しましたが、説明がありませんでした。" -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "識別プロバイダーからのホームディレクトリーの値をこの値で上書きする" +#: src/sss_client/common.c:1105 +msgid "Unexpected error while looking for an error description" +msgstr "エラーの説明を検索中に予期しないエラーが発生しました" -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" -"アイデンティティプロバイダーからの空のホームディレクトリーをこの値で置き換え" -"ます" +#: src/sss_client/pam_sss.c:68 +msgid "Permission denied. " +msgstr "パーミッションが拒否されました。" -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "アイデンティティプロバイダーからのシェル値をこの値で上書きします" +#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 +#: src/sss_client/pam_sss.c:790 +msgid "Server message: " +msgstr "サーバーのメッセージ: " -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "ユーザーがログインを許可されるシェルの一覧" +#: src/sss_client/pam_sss.c:297 +msgid "Passwords do not match" +msgstr "パスワードが一致しません" -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "拒否されてフォールバックシェルで置き換えられるシェルの一覧" +#: src/sss_client/pam_sss.c:485 +msgid "Password reset by root is not supported." +msgstr "root によるパスワードのリセットはサポートされません。" -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" -"中央ディレクトリーに保存されたシェルが許可されるが、利用できない場合、この" -"フォールバックを使用する" +#: src/sss_client/pam_sss.c:526 +msgid "Authenticated with cached credentials" +msgstr "キャッシュされているクレデンシャルを用いて認証されました" -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "プロバイダーが一覧に持っていないとき使用するシェル" +#: src/sss_client/pam_sss.c:527 +msgid ", your cached password will expire at: " +msgstr "、キャッシュされたパスワードが失効します: " -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "メモリー内のキャッシュレコードが有効な期間" +#: src/sss_client/pam_sss.c:557 +#, c-format +msgid "Your password has expired. You have %1$d grace login(s) remaining." +msgstr "パスワードの期限が切れています。あと %1$d 回ログインできます。" -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "NSS レスポンダーがパブリッシュを許可されたユーザー属性の一覧" +#: src/sss_client/pam_sss.c:603 +#, c-format +msgid "Your password will expire in %1$d %2$s." +msgstr "あなたのパスワードは %1$d %2$s に期限切れになります。" -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "オンラインログイン中にキャッシュによるログインが許容される期間(日数)" +#: src/sss_client/pam_sss.c:652 +msgid "Authentication is denied until: " +msgstr "次まで認証が拒否されます: " -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "オフラインのときに許容されるログイン試行失敗回数" +#: src/sss_client/pam_sss.c:673 +msgid "System is offline, password change not possible" +msgstr "システムがオフラインです、パスワード変更ができません" -#: src/config/SSSDConfig/__init__.py.in:93 +#: src/sss_client/pam_sss.c:688 msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "offline_failed_login_attempts に達した後にログインを拒否する時間(分)" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "認証中にユーザーに表示されるメッセージの種類" +"After changing the OTP password, you need to log out and back in order to " +"acquire a ticket" +msgstr "" +"OTP パスワードの変更後、チケットを取得するためにログアウト後に再びログインす" +"る必要があります" -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "pam_sss へ送信された PAM のレスポンスをフィルタリングします" +#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 +msgid "Password change failed. " +msgstr "パスワードの変更に失敗しました。" -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "PAM 要求に対してキャッシュされた認証情報を保持する秒数" +#: src/sss_client/pam_sss.c:2008 +msgid "New Password: " +msgstr "新しいパスワード: " -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "警告が表示されるパスワード失効前の日数" +#: src/sss_client/pam_sss.c:2009 +msgid "Reenter new Password: " +msgstr "新しいパスワードの再入力: " -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "信頼できる UID またはユーザー名の一覧" +#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 +msgid "First Factor: " +msgstr "1 番目の要素: " -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "信頼できないユーザーでさえアクセス可能なドメインの一覧。" +#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 +msgid "Second Factor (optional): " +msgstr "2 番目の要素 (オプション): " -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "ユーザーアカウントの有効期限が切れると、メッセージが印刷されます。" +#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 +msgid "Second Factor: " +msgstr "2 番目の要素: " -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "ユーザーアカウントがロックされると、メッセージが印刷されます。" +#: src/sss_client/pam_sss.c:2190 +msgid "Password: " +msgstr "パスワード: " -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "証明書ベースまたはスマートカードによる認証を許可します。" +#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 +msgid "First Factor (Current Password): " +msgstr "1 番目の要素 (現在のパスワード): " -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "PKCS#11 モジュールでの証明書データベースへのパス。" +#: src/sss_client/pam_sss.c:2349 +msgid "Current Password: " +msgstr "現在のパスワード: " -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "p11_child が完了するまでに pam_sss が待つ秒数" +#: src/sss_client/pam_sss.c:2704 +msgid "Password expired. Change your password now." +msgstr "パスワードの期限が切れました。いますぐパスワードを変更してください。" -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "アプリケーションドメインへの接続を許可される PAM サービスはどれか" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 +#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 +#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 +#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 +#: src/tools/sss_cache.c:719 +msgid "The debug level to run with" +msgstr "実行するデバッグレベル" -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "スマートカードの使用が許可されたサービス" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 +msgid "The SSSD domain to use" +msgstr "使用する SSSD ドメイン" -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "要求された場合に、カードが待つ追加のタイムアウト" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 +#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 +#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 +#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 +#: src/tools/sss_cache.c:765 +msgid "Error setting the locale\n" +msgstr "ロケールの設定中にエラーが発生しました\n" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "スマートカード認証向けのデバイスの選択を PKCS#11 URI が制限" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 +msgid "Not enough memory\n" +msgstr "十分なメモリーがありません\n" -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "sudo ルールにおいて時間による属性を評価するかどうか" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 +msgid "User not specified\n" +msgstr "ユーザーが指定されていません\n" -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "正しい場合、SSSD は小さい番号が優先される順位付けのロジックへ戻ります" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 +msgid "Error looking up public keys\n" +msgstr "公開鍵の検索中にエラーが発生しました\n" -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" -"一度にリフレッシュ可能なルールの最大数。最大数を超えると、フルリフレッシュが" -"実行されます。" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 +msgid "The port to use to connect to the host" +msgstr "ホストへの接続に使用するポート" -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "known_hosts ファイルにおいてホスト名とアドレスをハッシュ化するかどうか" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 +msgid "Print the host ssh public keys" +msgstr "ホスト SSH 公開鍵を印刷" -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "ホスト鍵が要求された後 known_hosts ファイルにホストを保持する秒数" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 +msgid "Invalid port\n" +msgstr "無効なポート\n" -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "信頼された CA 証明書のストレージへのパス" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 +msgid "Host not specified\n" +msgstr "ホストが指定されていません\n" -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 +msgid "The path to the proxy command must be absolute\n" +msgstr "プロキシコマンドへのパスは絶対パスにする必要があります\n" -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "sss_ssh_knownhostsproxy: ホスト名 %s を解決できませんでした\n" -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "PAC レスポンダーへのアクセスが許可された UID またはユーザー名の一覧" +#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 +msgid "The UID of the user" +msgstr "ユーザーの UID" -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "PAC データが有効とされる期間" +#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 +msgid "The comment string" +msgstr "コメント文字列" -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" -"InfoPipe レスポンダーへのアクセスが許可された UID またはユーザー名の一覧" +#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 +msgid "Home directory" +msgstr "ホームディレクトリー" -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "InfoPipe がパブリッシュを許可されたユーザー属性の一覧" +#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 +msgid "Login shell" +msgstr "ログインシェル" -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "シークレットが保存されるプロバイダー" +#: src/tools/sss_useradd.c:53 +msgid "Groups" +msgstr "グループ" -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "ネストされたコンテナーの最大許可数" +#: src/tools/sss_useradd.c:54 +msgid "Create user's directory if it does not exist" +msgstr "ユーザーのディレクトリーが存在しなければ作成する" -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "保存可能なシークレットの最大数" +#: src/tools/sss_useradd.c:55 +msgid "Never create user's directory, overrides config" +msgstr "ユーザーのディレクトリーを作成しない、設定を上書きする" -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "UID ごとに保存可能なシークレットの最大数" +#: src/tools/sss_useradd.c:56 +msgid "Specify an alternative skeleton directory" +msgstr "代替のスケルトンディレクトリーを指定する" -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "キロバイトでのシークレットの最大ペイロードサイズ" +#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 +msgid "The SELinux user for user's login" +msgstr "ユーザーのログインに対する SELinux ユーザー" -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "URL Custodia サーバーはリッスンしています" +#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 +#: src/tools/sss_usermod.c:92 +msgid "Specify group to add to\n" +msgstr "追加するグループを指定してください\n" -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "Custodia サーバーへの認証時に使用する方法" +#: src/tools/sss_useradd.c:111 +msgid "Specify user to add\n" +msgstr "追加するユーザーを指定してください\n" -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" +#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 +#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 +#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 +#: src/tools/sss_usermod.c:162 +msgid "Error initializing the tools - no local domain\n" msgstr "" -"auth_header_value で値が定義され、HTTP リクエストに追加されるヘッダーの名前" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "sssd-secrets の値は、auth_header_name で使用します" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "要求と共に Custodia サーバーへ転送するヘッダーの一覧" +"ツールを初期化中にエラーが発生しました - ローカルドメインがありません\n" -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "basic_auth を使った Custodia サーバーへの認証時に使用するユーザー名" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "basic_auth を使った Custodia サーバーへの認証時に使用するパスワード" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" -"proxy_url が https protocol を使用する場合に、正しいピアの証明書が検証される" -"かどうか" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" -"https プロトコルが使用される場合に、間違ったピアの証明書が proxy_url 以外の異" -"なるホスト名を含むかどうか" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "CA 証明書が保存されているディレクトリーへのパス" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "サーバーの CA 証明書を含むファイルへのパス" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "クライアントの証明書を含むファイルへのパス" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "クライアントのプライベートキーを含むファイルへのパス" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "アイデンティティプロバイダー" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "認証プロバイダー" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "アクセス制御プロバイダー" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "パスワード変更プロバイダー" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "SUDO プロバイダー" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "Autofs プロバイダー" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "ホスト識別プロバイダー" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "SELinux プロバイダー" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "セッションマネージャーのプロバイダー" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "OS またはアプリケーションがドメインを使用できるかどうか" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "最小ユーザー ID" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "最大ユーザー ID" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "すべてのユーザー・グループの列挙を有効にする" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "オフラインログインのためにクレディンシャルをキャッシュする" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "ユーザー・グループを完全修飾形式で表示する" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "グループ検索にグループメンバーを含めない" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "エントリーキャッシュのタイムアウト長(秒)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "DNS 検索を実行するときに特定のアドレスファミリーを制限または優先します" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "最終ログイン成功時からキャッシュエントリーを保持する日数" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" -"次のサーバーを試行するまでに SSSD が単一の DNS サーバーと通信する時間 (ミリ" -"秒)" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "単一の DNS クエリーの解決を試行する時間 (秒)" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "サーバーを名前解決するときに DNS から応答を待つ時間(秒)" +#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 +#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 +#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 +#: src/tools/sss_usermod.c:164 +msgid "Error initializing the tools\n" +msgstr "ツールを初期化中にエラーが発生しました\n" -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "サービス検索 DNS クエリーのドメイン部分" +#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 +#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 +#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 +#: src/tools/sss_usermod.c:173 +msgid "Invalid domain specified in FQDN\n" +msgstr "FQDN で指定されたドメインが無効です\n" -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "識別プロバイダーからの GID 値をこの値で上書きする" +#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 +#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 +#: src/tools/sss_usermod.c:226 +msgid "Internal error while parsing parameters\n" +msgstr "パラメーターを解析中に内部エラーが発生しました\n" -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "ユーザー名が大文字小文字を区別するよう取り扱う" +#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 +#: src/tools/sss_usermod.c:235 +msgid "Groups must be in the same domain as user\n" +msgstr "グループがユーザーと同じドメインになければいけません\n" -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "期限切れのエントリーがバックグラウンドで更新される頻度" +#: src/tools/sss_useradd.c:159 +#, c-format +msgid "Cannot find group %1$s in local domain\n" +msgstr "ローカルドメインにグループ %1$s を見つけられません\n" -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "自動的にクライアントの DNS エントリーを更新するかどうか" +#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 +msgid "Cannot set default values\n" +msgstr "デフォルト値を設定できません\n" -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "クライアントの DNS 項目を更新後、適用する TTL" +#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 +msgid "The selected UID is outside the allowed range\n" +msgstr "選択された UID は許容される範囲を越えています\n" -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "動的 DNS 更新のために使用される IP のインターフェース" +#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 +msgid "Cannot set SELinux login context\n" +msgstr "SELinux ログインコンテキストを設定できません\n" -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "どのくらい定期的にクライアントの DNS エントリーを更新するか" +#: src/tools/sss_useradd.c:224 +msgid "Cannot get info about the user\n" +msgstr "ユーザーに関する情報を取得できません\n" -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" +#: src/tools/sss_useradd.c:236 +msgid "User's home directory already exists, not copying data from skeldir\n" msgstr "" -"プロバイダーが同じように PTR レコードを明示的に更新する必要があるかどうか" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "nsupdate ユーティリティが標準で TCP を使用するかどうか" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "DNS 更新を実行するために使用すべき認証の種類" +"ユーザーのホームディレクトリーがすでに存在します、スケルトンディレクトリーか" +"らデータをコピーしません\n" -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "DNS の更新を実行する際に使用する DNS サーバーを上書き" +#: src/tools/sss_useradd.c:239 +#, c-format +msgid "Cannot create user's home directory: %1$s\n" +msgstr "ユーザーのホームディレクトリーを作成できません: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "信頼されたドメインの列挙を制御" +#: src/tools/sss_useradd.c:250 +#, c-format +msgid "Cannot create user's mail spool: %1$s\n" +msgstr "ユーザーのメールスプールを作成できません: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "サブドメインの一覧のリフレッシュ回数" +#: src/tools/sss_useradd.c:270 +msgid "Could not allocate ID for the user - domain full?\n" +msgstr "ユーザーに ID を割り当てられませんでした - ドメインがいっぱいですか?\n" -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "サブドメインに継承すべきオプションの一覧" +#: src/tools/sss_useradd.c:274 +msgid "A user or group with the same name or ID already exists\n" +msgstr "同じ名前または ID を持つユーザーまたはグループがすでに存在します\n" -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "デフォルトのサブドメインホームディレクトリーの値" +#: src/tools/sss_useradd.c:280 +msgid "Transaction error. Could not add user.\n" +msgstr "トランザクションエラー。ユーザーを追加できませんでした。\n" -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "証明書キャッシュを認証キャッシュに使用できる期間" +#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 +msgid "The GID of the group" +msgstr "グループの GID" -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "ユーザーにプライベートグループを自動的に作成するかどうか" +#: src/tools/sss_groupadd.c:76 +msgid "Specify group to add\n" +msgstr "追加するグループを指定してください\n" -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA ドメイン" +#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 +msgid "The selected GID is outside the allowed range\n" +msgstr "選択された GID は許容される範囲を越えています\n" -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "IPA サーバーのアドレス" +#: src/tools/sss_groupadd.c:143 +msgid "Could not allocate ID for the group - domain full?\n" +msgstr "グループに ID を割り当てられませんでした - ドメインがいっぱいですか?\n" -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "バックアップ IPA サーバーのアドレス" +#: src/tools/sss_groupadd.c:147 +msgid "A group with the same name or GID already exists\n" +msgstr "同じ名前または GID を持つグループがすでに存在します\n" -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "IPA クライアントのホスト名" +#: src/tools/sss_groupadd.c:153 +msgid "Transaction error. Could not add group.\n" +msgstr "トランザクションエラー。グループを追加できませんでした。\n" -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "FreeIPA にあるクライアントの DNS エントリーを自動的に更新するかどうか" +#: src/tools/sss_groupdel.c:70 +msgid "Specify group to delete\n" +msgstr "削除するグループを指定してください\n" -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "HBAC 関連オブジェクトの検索ベース" +#: src/tools/sss_groupdel.c:104 +#, c-format +msgid "Group %1$s is outside the defined ID range for domain\n" +msgstr "グループ %1$s はドメインに対して定義された ID の範囲を越えています\n" -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "IPA サーバーに対する HBAC ルールを検索している間の合計時間" +#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 +#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 +#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 +#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 +#, c-format +msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" +msgstr "" +"NSS リクエストに失敗しました (%1$d)。項目はメモリーキャッシュに残されます。\n" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/tools/sss_groupdel.c:132 msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "IPA サーバーに対する SELinux マップの検索の間の秒単位の合計時間" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "もし偽に設定されていると、 PAM により渡されたホスト引数は無視されます" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "この IPA クライアントが使用している automounter の場所" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "IPA ドメインに関する情報を含むオブジェクトに対する検索ベース" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "ID 範囲に関する情報を含むオブジェクトに対する検索ベース" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "DNS サイトの有効化 - 位置にサービス探索" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "ビューコンテナーの検索ベース" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "ビューコンテナーのオブジェクトクラス" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "ビューの名前の属性" +"No such group in local domain. Removing groups only allowed in local " +"domain.\n" +msgstr "" +"そのようなグループはローカルドメインにありません。グループの削除はローカルド" +"メインにおいてのみ許可されます。\n" -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "上書きされたオブジェクトのオブジェクトクラス" +#: src/tools/sss_groupdel.c:137 +msgid "Internal error. Could not remove group.\n" +msgstr "内部エラー。グループを削除できませんでした。\n" -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "オリジナルオブジェクトを参照する属性" +#: src/tools/sss_groupmod.c:44 +msgid "Groups to add this group to" +msgstr "このグループに追加するグループ" -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "ユーザーが上書きするオブジェクトのオブジェクトクラス" +#: src/tools/sss_groupmod.c:46 +msgid "Groups to remove this group from" +msgstr "このグループから削除するグループ" -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "グループが上書きするオブジェクトのオブジェクトクラス" +#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 +msgid "Specify group to remove from\n" +msgstr "削除するグループを指定してください\n" -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "デスクトッププロファイルに関連するオブジェクトの検索ベース" +#: src/tools/sss_groupmod.c:101 +msgid "Specify group to modify\n" +msgstr "変更するグループを指定してください\n" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/tools/sss_groupmod.c:130 msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" +"Cannot find group in local domain, modifying groups is allowed only in local " +"domain\n" msgstr "" -"IPA サーバーに対するデスクトッププロファイルルールを検索している間の秒単位の" -"合計時間" +"ローカルドメインにグループが見つかりませんでした。グループの変更はローカルド" +"メインにおいてのみ許可されます\n" + +#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 +msgid "Member groups must be in the same domain as parent group\n" +msgstr "メンバーグループが親グループと同じドメインにある必要があります\n" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 +#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 +#, c-format msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" +"Cannot find group %1$s in local domain, only groups in local domain are " +"allowed\n" msgstr "" -"最後の要求がルールを何も見つけなかった場合の IPA サーバーに対するデスクトップ" -"プロファイルル ールを検索している間の分単位の合計時間" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "Active Directory ドメイン" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "有効化された Active Directory ドメイン" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "Active Directory サーバーアドレス" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "Active Directory バックアップサーバーのアドレス" +"ローカルドメインにグループ %1$s が見つかりません。ローカルドメインにあるグ" +"ループのみが許可されます\n" -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "Active Directory クライアントホスト名" +#: src/tools/sss_groupmod.c:257 +msgid "Could not modify group - check if member group names are correct\n" +msgstr "" +"グループを変更できませんでした - メンバーグループ名が正しいかを確認してくださ" +"い\n" -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "アクセス権限を決めるための LDAP フィルター" +#: src/tools/sss_groupmod.c:261 +msgid "Could not modify group - check if groupname is correct\n" +msgstr "" +"グループを変更できませんでした - グループ名が正しいかを確認してください\n" -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "検索にグローバルカタログを使用するかどうか" +#: src/tools/sss_groupmod.c:265 +msgid "Transaction error. Could not modify group.\n" +msgstr "トランザクションエラー。グループを変更できませんでした。\n" -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "グローバルカタログベースのアクセス制御に対するオペレーションモード" +#: src/tools/sss_groupshow.c:616 +msgid "Magic Private " +msgstr "マジックプライベート " -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "AD サーバーに対する GPO ポリシーファイルを検索している間の合計時間" +#: src/tools/sss_groupshow.c:615 +#, c-format +msgid "%1$s%2$sGroup: %3$s\n" +msgstr "%1$s%2$sGroup: %3$s\n" -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" -"GPO (Deny)InteractiveLogonRight のポリシー設定にマッピングした PAM サービス名" +#: src/tools/sss_groupshow.c:618 +#, c-format +msgid "%1$sGID number: %2$d\n" +msgstr "%1$sGID 番号: %2$d\n" -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" -"GPO (Deny)RemoteInteractiveLogonRight のポリシー設定にマッピングした PAM サー" -"ビス名" +#: src/tools/sss_groupshow.c:620 +#, c-format +msgid "%1$sMember users: " +msgstr "%1$sMember ユーザー: " -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/tools/sss_groupshow.c:627 +#, c-format msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" +"\n" +"%1$sIs a member of: " msgstr "" -"GPO (Deny)NetworkLogonRight のポリシー設定にマッピングした PAM サービス名" +"\n" +"%1$sIs は次のメンバー: " -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/tools/sss_groupshow.c:634 +#, c-format msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" +"\n" +"%1$sMember groups: " msgstr "" -"GPO (Deny)BatchLogonRight のポリシー設定にマッピングした PAM サービス名" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "(Deny)ServiceLogonRight のポリシー設定にマッピングした PAM サービス名" +"\n" +"%1$sMember グループ: " -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "GPO ベースのアクセスが常に許可される PAM サービス名" +#: src/tools/sss_groupshow.c:670 +msgid "Print indirect group members recursively" +msgstr "間接グループメンバーを再帰的に表示する" -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "GPO ベースのアクセスが常に拒否される PAM サービス名" +#: src/tools/sss_groupshow.c:704 +msgid "Specify group to show\n" +msgstr "表示するグループを指定してください\n" -#: src/config/SSSDConfig/__init__.py.in:251 +#: src/tools/sss_groupshow.c:744 msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" +"No such group in local domain. Printing groups only allowed in local " +"domain.\n" msgstr "" -"マッピングされていない PAM サービス名に使用するデフォルトのログオン権利 (また" -"は許可/拒否)" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "クライアントが使用する特定のサイト" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "マシンアカウントのパスワードの更新が必要となるまでの最大日数" +"そのようなグループはローカルドメインにありません。グループの表示はローカルド" +"メインにおいてのみ許可されます。\n" -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "マシンアカウントの更新タスクをチューニングするオプション" +#: src/tools/sss_groupshow.c:749 +msgid "Internal error. Could not print group.\n" +msgstr "内部エラー。グループを表示できませんでした。\n" -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Kerberos サーバーのアドレス" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "Kerberos バックアップサーバーのアドレス" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Kerberos レルム" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "認証のタイムアウト" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "kdcinfo ファイルを作成するかどうか" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "krb5 設定スニペットを削除する場所" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "クレディンシャルのキャッシュを保存するディレクトリー" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "ユーザーのクレディンシャルキャッシュの位置" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "クレディンシャルを検証するキーテーブルの場所" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "クレディンシャルの検証を有効にする" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "後からオンライン認証するためにオフラインの場合にパスワードを保存します" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "更新可能な TGT の有効期間" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "TGT の有効期間" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "更新を確認する間隔" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "FAST を有効にする" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "FAST に使用するプリンシパルを選択する" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "プリンシパル正規化を有効にする" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "エンタープライズ・プリンシパルの有効化" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "ユーザー名から Kerberos プリンシパル名までのマッピング" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "KDC になければ、パスワード変更サービスが実行されているサーバー" +#: src/tools/sss_userdel.c:138 +msgid "Remove home directory and mail spool" +msgstr "ホームディレクトリーとメールスプールを削除する" -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, LDAP サーバーの URI" +#: src/tools/sss_userdel.c:140 +msgid "Do not remove home directory and mail spool" +msgstr "ホームディレクトリーとメールスプールを削除しない" -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "ldap_backup_uri, LDAP サーバーの URI" +#: src/tools/sss_userdel.c:142 +msgid "Force removal of files not owned by the user" +msgstr "ユーザーにより所有されていないファイルの強制削除" -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "デフォルトのベース DN" +#: src/tools/sss_userdel.c:144 +msgid "Kill users' processes before removing him" +msgstr "ユーザーを削除する前にそのユーザーのプロセスを強制停止する" -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "LDAP サーバーにおいて使用中のスキーマ形式、rfc2307" +#: src/tools/sss_userdel.c:190 +msgid "Specify user to delete\n" +msgstr "削除するユーザーを指定する\n" -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "ユーザーのパスワードの変更にモードを使用しました" +#: src/tools/sss_userdel.c:236 +#, c-format +msgid "User %1$s is outside the defined ID range for domain\n" +msgstr "ユーザー %1$s はドメインに対して定義された ID の範囲を超えています\n" -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "デフォルトのバインド DN" +#: src/tools/sss_userdel.c:261 +msgid "Cannot reset SELinux login context\n" +msgstr "SELinux ログインコンテキストをリセットできません\n" -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "デフォルトのバインド DN の認証トークンの種類" +#: src/tools/sss_userdel.c:273 +#, c-format +msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" +msgstr "" +"警告: ユーザー (uid %1$lu) が削除された時にまだログインしていました。\n" -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "デフォルトのバインド DN の認証トークン" +#: src/tools/sss_userdel.c:278 +msgid "Cannot determine if the user was logged in on this platform" +msgstr "" +"ユーザーがこのプラットフォームにログインしていたかを確認できませんでした" -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "接続を試行する時間" +#: src/tools/sss_userdel.c:283 +msgid "Error while checking if the user was logged in\n" +msgstr "ユーザーがログインしていたかを確認中にエラーが発生しました\n" -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "LDAP 同期操作を試行する時間" +#: src/tools/sss_userdel.c:290 +#, c-format +msgid "The post-delete command failed: %1$s\n" +msgstr "削除後コマンドの実行に失敗しました: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "オフラインの間に再接続を試行する時間" +#: src/tools/sss_userdel.c:310 +msgid "Not removing home dir - not owned by user\n" +msgstr "" +"ホームディレクトリーを削除していません - ユーザーにより所有されていません\n" -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "レルム名に対して大文字のみを使用する" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "CA 証明書を含むファイル" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "CA 証明書のディレクトリーのパス" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "クライアント証明書を含むファイル" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "クライアントの鍵を含むファイル" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "利用可能な暗号の一覧" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "TLS 証明書の検証を要求する" +#: src/tools/sss_userdel.c:312 +#, c-format +msgid "Cannot remove homedir: %1$s\n" +msgstr "ホームディレクトリーを削除できません: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "使用する SASL メカニズムを指定する" +#: src/tools/sss_userdel.c:326 +msgid "" +"No such user in local domain. Removing users only allowed in local domain.\n" +msgstr "" +"そのようなユーザーはローカルドメインにいません。ユーザーの削除はローカルドメ" +"インにおいてのみ許可されます。\n" -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "使用する SASL 認可 ID を指定する" +#: src/tools/sss_userdel.c:331 +msgid "Internal error. Could not remove user.\n" +msgstr "内部エラー。ユーザーを削除できませんでした。\n" -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "使用する SASL 認可レルムを指定する" +#: src/tools/sss_usermod.c:49 +msgid "The GID of the user" +msgstr "ユーザーの GID" -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "LDAP SASL 認可の最小 SSF を指定する" +#: src/tools/sss_usermod.c:53 +msgid "Groups to add this user to" +msgstr "このユーザーを追加するグループ" -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Kerberos サービスのキーテーブル" +#: src/tools/sss_usermod.c:54 +msgid "Groups to remove this user from" +msgstr "このユーザーを削除するグループ" -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "LDAP 接続に対して Kerberos 認証を使用する" +#: src/tools/sss_usermod.c:55 +msgid "Lock the account" +msgstr "アカウントをロックする" -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "LDAP リフェラルにしたがう" +#: src/tools/sss_usermod.c:56 +msgid "Unlock the account" +msgstr "アカウントをロック解除する" -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "LDAP 接続の TGT の有効期間" +#: src/tools/sss_usermod.c:57 +msgid "Add an attribute/value pair. The format is attrname=value." +msgstr "属性/値のペアを追加します。フォーマットは attrname=value です。" -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "エイリアスを参照解決する方法" +#: src/tools/sss_usermod.c:58 +msgid "Delete an attribute/value pair. The format is attrname=value." +msgstr "属性/値のペアを削除します。フォーマットは attrname=value です。" -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "DNS サービス検索のサービス名" +#: src/tools/sss_usermod.c:59 +msgid "" +"Set an attribute to a name/value pair. The format is attrname=value. For " +"multi-valued attributes, the command replaces the values already present" +msgstr "" +"名前/値のペアに属性を指定します。形式は attrname=value です。複数の値を持つ属" +"性の場合、コマンドがすでに存在する値に置き換えられます。" -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "単一の LDAP 問い合わせにおいて取得するレコード数" +#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 +#: src/tools/sss_usermod.c:135 +msgid "Specify the attribute name/value pair(s)\n" +msgstr "属性の名前/値のペアを指定します\n" -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "完全な参照解決を引き起こすために欠けている必要があるメンバーの数" +#: src/tools/sss_usermod.c:152 +msgid "Specify user to modify\n" +msgstr "変更するユーザーを指定してください\n" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/tools/sss_usermod.c:180 msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" +"Cannot find user in local domain, modifying users is allowed only in local " +"domain\n" msgstr "" -"LDAP ライブラリーが SASL バインド中にホスト名を正規化するために逆引きを実行す" -"るかどうか" +"ローカルドメインにユーザーを見つけられません。ユーザーの変更はローカルドメイ" +"ンにおいてのみ許可されます。\n" -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "entryUSN 属性" +#: src/tools/sss_usermod.c:322 +msgid "Could not modify user - check if group names are correct\n" +msgstr "" +"ユーザーを変更できませんでした - グループ名が正しいかを確認してください\n" -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "lastUSN 属性" +#: src/tools/sss_usermod.c:326 +msgid "Could not modify user - user already member of groups?\n" +msgstr "" +"ユーザーを変更できませんでした - ユーザーはすでにグループのメンバーですか?\n" -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "LDAP サーバーを切断する前に接続を保持する時間" +#: src/tools/sss_usermod.c:330 +msgid "Transaction error. Could not modify user.\n" +msgstr "トランザクションエラー。ユーザーを変更できませんでした。\n" -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "LDAP ページング制御を無効化する" +#: src/tools/sss_cache.c:245 +msgid "No cache object matched the specified search\n" +msgstr "指定された検索に一致するキャッシュオブジェクトがありません\n" -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "Active Directory 範囲の取得の無効化" +#: src/tools/sss_cache.c:536 +#, c-format +msgid "Couldn't invalidate %1$s\n" +msgstr "%1$s を無効化できませんでした\n" -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "検索要求を待つ時間" +#: src/tools/sss_cache.c:543 +#, c-format +msgid "Couldn't invalidate %1$s %2$s\n" +msgstr "%1$s %2$s を無効化できませんでした\n" -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "列挙の要求を待つ時間" +#: src/tools/sss_cache.c:721 +msgid "Invalidate all cached entries" +msgstr "すべてのキャッシュエントリーを無効化します" -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "列挙の更新間隔" +#: src/tools/sss_cache.c:723 +msgid "Invalidate particular user" +msgstr "特定のユーザーを無効にする" -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "キャッシュをクリーンアップする間隔" +#: src/tools/sss_cache.c:725 +msgid "Invalidate all users" +msgstr "すべてのユーザーを無効にする" -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "ID 検索に TLS を要求する" +#: src/tools/sss_cache.c:727 +msgid "Invalidate particular group" +msgstr "特定のグループを無効にする" -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "事前設定済み ID の代わりに objectSID の ID マッピングを使用します" +#: src/tools/sss_cache.c:729 +msgid "Invalidate all groups" +msgstr "すべてのグループを無効にする" -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "ユーザー検索のベース DN" +#: src/tools/sss_cache.c:731 +msgid "Invalidate particular netgroup" +msgstr "特定のネットワークグループを無効にする" -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "ユーザー検索の範囲" +#: src/tools/sss_cache.c:733 +msgid "Invalidate all netgroups" +msgstr "すべてのネットワークグループを無効にする" -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "ユーザー検索のフィルター" +#: src/tools/sss_cache.c:735 +msgid "Invalidate particular service" +msgstr "特定のサービスの無効化" -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "ユーザーのオブジェクトクラス" +#: src/tools/sss_cache.c:737 +msgid "Invalidate all services" +msgstr "すべてのサービスの無効化" -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "ユーザー名の属性" +#: src/tools/sss_cache.c:740 +msgid "Invalidate particular autofs map" +msgstr "特定の autofs マップの無効化" -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "UID の属性" +#: src/tools/sss_cache.c:742 +msgid "Invalidate all autofs maps" +msgstr "すべての autofs マップの無効化" -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "プライマリー GID の属性" +#: src/tools/sss_cache.c:746 +msgid "Invalidate particular SSH host" +msgstr "特定の SSH ホストを無効化します" -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "GECOS の属性" +#: src/tools/sss_cache.c:748 +msgid "Invalidate all SSH hosts" +msgstr "すべての SSH ホストを無効化します" -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "ホームディレクトリの属性" +#: src/tools/sss_cache.c:752 +msgid "Invalidate particular sudo rule" +msgstr "特定の sudo ルールを無効化します" -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "シェルの属性" +#: src/tools/sss_cache.c:754 +msgid "Invalidate all cached sudo rules" +msgstr "すべてのキャッシュ sudo ルールを無効化します" -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "UUID 属性" +#: src/tools/sss_cache.c:757 +msgid "Only invalidate entries from a particular domain" +msgstr "特定のドメインのみからエントリーを無効にする" -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "objectSID 属性" +#: src/tools/sss_cache.c:811 +msgid "" +"Unexpected argument(s) provided, options that invalidate a single object " +"only accept a single provided argument.\n" +msgstr "" +"予期しない引数が提供される場合、1 つのオブジェクトを無効化するオプションは、" +"提供された引数を 1 つだけ受け取ります。\n" -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "ID マッピングの Active Directory プライマリーグループ属性" +#: src/tools/sss_cache.c:821 +msgid "Please select at least one object to invalidate\n" +msgstr "無効化するオブジェクトを少なくとも一つ選択してください\n" -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "ユーザープリンシパルの属性(Kerberos 用)" +#: src/tools/sss_cache.c:904 +#, c-format +msgid "" +"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " +"use fully qualified name instead of --domain/-d parameter.\n" +msgstr "" +"ドメイン %1$s を開けませんでした。ドメインがサブドメイン (信頼済みドメイン) " +"であれば、--domain/-d パラメーターの代わりに完全修飾名を使用してください。\n" -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "氏名" +#: src/tools/sss_cache.c:909 +msgid "Could not open available domains\n" +msgstr "利用可能なドメインを開けませんでした\n" -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "memberOf 属性" +#: src/tools/tools_util.c:202 +#, c-format +msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" +msgstr "" +"名前 '%1$s' が FQDN であるように見えません ('%2$s = TRUE' が設定されます)\n" -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "変更日時の属性" +#: src/tools/tools_util.c:309 +msgid "Out of memory\n" +msgstr "メモリー不足\n" -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "shadowLastChange 属性" +#: src/tools/tools_util.h:40 +#, c-format +msgid "%1$s must be run as root\n" +msgstr "%1$s は root として実行する必要があります\n" -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "shadowMin 属性" +#: src/tools/sssctl/sssctl.c:35 +msgid "yes" +msgstr "はい" -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "shadowMax 属性" +#: src/tools/sssctl/sssctl.c:37 +msgid "no" +msgstr "いいえ" -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "shadowWarning 属性" +#: src/tools/sssctl/sssctl.c:39 +msgid "error" +msgstr "エラー" -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "shadowInactive 属性" +#: src/tools/sssctl/sssctl.c:42 +msgid "Invalid result." +msgstr "無効な結果。" -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "shadowExpire 属性" +#: src/tools/sssctl/sssctl.c:78 +msgid "Unable to read user input\n" +msgstr "ユーザーインプットの読み込みができませんでした\n" -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "shadowFlag 属性" +#: src/tools/sssctl/sssctl.c:91 +#, c-format +msgid "Invalid input, please provide either '%s' or '%s'.\n" +msgstr "" +"無効なインプットです。'%s' または '%s' のいずれかを提供してください。\n" -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "認可された PAM サービスを一覧化する属性" +#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 +msgid "Error while executing external command\n" +msgstr "外部のコマンドを実行中にエラーが発生しました\n" -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "認可されたサーバーホストを一覧化する属性" +#: src/tools/sssctl/sssctl.c:156 +msgid "SSSD needs to be running. Start SSSD now?" +msgstr "SSSD を実行する必要があります。SSSD をすぐに実行しますか?" -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "認可されたサーバー rhosts を一覧化する属性" +#: src/tools/sssctl/sssctl.c:195 +msgid "SSSD must not be running. Stop SSSD now?" +msgstr "SSSD を実行してはいけません。SSSD を今、停止しますか?" -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "krbLastPwdChange 属性" +#: src/tools/sssctl/sssctl.c:231 +msgid "SSSD needs to be restarted. Restart SSSD now?" +msgstr "SSSD は再起動が必要です。SSSD を今、再起動しますか?" -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "krbPasswordExpiration 属性" +#: src/tools/sssctl/sssctl_cache.c:31 +#, c-format +msgid " %s is not present in cache.\n" +msgstr " %s はキャッシュにありません\n" -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "サーバー側パスワードポリシーが有効であることを意味する属性" +#: src/tools/sssctl/sssctl_cache.c:33 +msgid "Name" +msgstr "名前" -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "AD の accountExpires 属性" +#: src/tools/sssctl/sssctl_cache.c:34 +msgid "Cache entry creation date" +msgstr "キャッシュエントリーの作成日" -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "AD の userAccountControl 属性" +#: src/tools/sssctl/sssctl_cache.c:35 +msgid "Cache entry last update time" +msgstr "キャッシュエントリーが最後に更新された時間" -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "nsAccountLock 属性" +#: src/tools/sssctl/sssctl_cache.c:36 +msgid "Cache entry expiration time" +msgstr "キャッシュエントリーの期限切れ時間" -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "NDS の loginDisabled 属性" +#: src/tools/sssctl/sssctl_cache.c:37 +msgid "Cached in InfoPipe" +msgstr "InfoPipe にキャッシュ" -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "NDS の loginExpirationTime 属性" +#: src/tools/sssctl/sssctl_cache.c:522 +#, c-format +msgid "Error: Unable to get object [%d]: %s\n" +msgstr "エラー: オブジェクト [%d] を取得できません: %s\n" -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "NDS の loginAllowedTimeMap 属性" +#: src/tools/sssctl/sssctl_cache.c:538 +#, c-format +msgid "%s: Unable to read value [%d]: %s\n" +msgstr "%s: 値 [%d] の読み込みができません: %s\n" -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "SSH 公開鍵の属性" +#: src/tools/sssctl/sssctl_cache.c:566 +msgid "Specify name." +msgstr "名前を指定します。" -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "ユーザー用に許可された認証タイプを一覧化する属性" +#: src/tools/sssctl/sssctl_cache.c:576 +#, c-format +msgid "Unable to parse name %s.\n" +msgstr "名前 %s を構文解析できません。\n" -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "ユーザーの X509 証明書を含む属性" +#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 +msgid "Search by SID" +msgstr "SID で検索" -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "ユーザーの電子メールアドレスを含む属性" +#: src/tools/sssctl/sssctl_cache.c:603 +msgid "Search by user ID" +msgstr "ユーザーID で検索" -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "ユーザーエントリーと共にダウンロードする追加的な属性の一覧" +#: src/tools/sssctl/sssctl_cache.c:612 +msgid "Initgroups expiration time" +msgstr "Initgroups の期限切れ時間" -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "グループ検索のベース DN" +#: src/tools/sssctl/sssctl_cache.c:650 +msgid "Search by group ID" +msgstr "グループ ID で検索" -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "グループのオブジェクトクラス" +#: src/tools/sssctl/sssctl_config.c:70 +#, c-format +msgid "Failed to open %s\n" +msgstr "%s を開くことに失敗しました\n" -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "グループ名" +#: src/tools/sssctl/sssctl_config.c:75 +#, c-format +msgid "File %1$s does not exist.\n" +msgstr "ファイル %1$s は存在しません。\n" -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "グループのパスワード" +#: src/tools/sssctl/sssctl_config.c:79 +msgid "" +"File ownership and permissions check failed. Expected root:root and 0600.\n" +msgstr "" +"ファイルの所有権とパーミッションの確認に失敗しました。予期される root:root お" +"よび 0600。\n" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "GID 属性" +#: src/tools/sssctl/sssctl_config.c:85 +#, fuzzy, c-format +msgid "Failed to load configuration from %s.\n" +msgstr "%s からの設定のロードに失敗しました。\n" -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "グループメンバー属性" +#: src/tools/sssctl/sssctl_config.c:91 +msgid "Error while reading configuration directory.\n" +msgstr "設定ディレクトリーの読み込み中にエラーが発生しました。\n" -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "グループ UUID 属性" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "グループの変更日時の属性" +#: src/tools/sssctl/sssctl_config.c:99 +msgid "" +"There is no configuration. SSSD will use default configuration with files " +"provider.\n" +msgstr "" +"設定はありません。SSSD は、ファイルプロバイダーでデフォルト設定を使用しま" +"す。\n" -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "グループおよび他のフラグのタイプ" +#: src/tools/sssctl/sssctl_config.c:111 +msgid "Failed to run validators" +msgstr "バリデーターの実行に失敗しました" -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "LDAP グループの外部メンバーの属性" +#: src/tools/sssctl/sssctl_config.c:115 +#, c-format +msgid "Issues identified by validators: %zu\n" +msgstr "バリデーターで特定された問題: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "SSSD が従う最大ネストレベル" +#: src/tools/sssctl/sssctl_config.c:126 +#, c-format +msgid "Messages generated during configuration merging: %zu\n" +msgstr "設定のマージ中に生成されたメッセージ: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "ネットグループ検索のベース DN" +#: src/tools/sssctl/sssctl_config.c:137 +#, c-format +msgid "Used configuration snippet files: %zu\n" +msgstr "使用された設定スニペットファイル: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "ネットグループのオブジェクトクラス" +#: src/tools/sssctl/sssctl_data.c:89 +#, c-format +msgid "Unable to create backup directory [%d]: %s" +msgstr "バックアップディレクトリー [%d] を作成できません: %s" -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "ネットグループ名" +#: src/tools/sssctl/sssctl_data.c:95 +msgid "SSSD backup of local data already exists, override?" +msgstr "" +"ローカルデータの SSSD バックアップはすでに存在しますが、上書きしますか?" -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "ネットグループメンバーの属性" +#: src/tools/sssctl/sssctl_data.c:111 +msgid "Unable to export user overrides\n" +msgstr "ユーザーの上書きをエクスポートできません\n" -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "ネットグループの三つ組の属性" +#: src/tools/sssctl/sssctl_data.c:118 +msgid "Unable to export group overrides\n" +msgstr "グループの上書きをエクスポートできません\n" -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "ネットグループの変更日時の属性" +#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 +msgid "Override existing backup" +msgstr "既存のバックアップを上書き" -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "サービス検索のベース DN" +#: src/tools/sssctl/sssctl_data.c:164 +msgid "Unable to import user overrides\n" +msgstr "ユーザーの上書きをインポートできません\n" -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "サービスのオブジェクトクラス" +#: src/tools/sssctl/sssctl_data.c:173 +msgid "Unable to import group overrides\n" +msgstr "グループの上書きをインポートできません\n" -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "サービス名の属性" +#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 +#: src/tools/sssctl/sssctl_domains.c:328 +msgid "Start SSSD if it is not running" +msgstr "実行中でない場合、SSSD を開始します" -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "サービスポートの属性" +#: src/tools/sssctl/sssctl_data.c:195 +msgid "Restart SSSD after data import" +msgstr "データのインポートの後、SSSD を再起動します" -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "サービスプロトコルの属性" +#: src/tools/sssctl/sssctl_data.c:218 +msgid "Create clean cache files and import local data" +msgstr "クリーンなキャッシュファイルを作成し、ローカルデータをインポートします" -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "ID マッピングの下限" +#: src/tools/sssctl/sssctl_data.c:219 +msgid "Stop SSSD before removing the cache" +msgstr "キャッシュを削除する前に SSSD を停止します" -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "ID マッピングの上限" +#: src/tools/sssctl/sssctl_data.c:220 +msgid "Start SSSD when the cache is removed" +msgstr "キャッシュの削除後に SSSD を開始します" -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "ID マッピングするとき、各スライスに対する ID の数" +#: src/tools/sssctl/sssctl_data.c:235 +msgid "Creating backup of local data...\n" +msgstr "ローカルデータのバックアップを作成中...\n" -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "ID マッピングに対する autorid 互換アルゴリズムを使用します" +#: src/tools/sssctl/sssctl_data.c:238 +msgid "Unable to create backup of local data, can not remove the cache.\n" +msgstr "" +"ローカルデータのバックアップの作成ができません。キャッシュを削除できませ" +"ん。\n" -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "ID マッピングに対するデフォルトドメインの名前" +#: src/tools/sssctl/sssctl_data.c:243 +msgid "Removing cache files...\n" +msgstr "キャッシュファイルの削除中...\n" -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "ID マッピングに対するデフォルトドメインの SID" +#: src/tools/sssctl/sssctl_data.c:246 +msgid "Unable to remove cache files\n" +msgstr "キャッシュファイルを削除できません\n" -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "セカンダリースライスの数" +#: src/tools/sssctl/sssctl_data.c:251 +msgid "Restoring local data...\n" +msgstr "ローカルデータの復元中...\n" -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "Token-Group を使うかどうか" +#: src/tools/sssctl/sssctl_domains.c:83 +msgid "Show domain list including primary or trusted domain type" +msgstr "" +"プライマリーまたは信頼されたドメインタイプを含むドメインリストを表示します" -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "LDAP サーバーから許可される ID の下限の設定" +#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 +#: src/tools/sssctl/sssctl_user_checks.c:95 +msgid "Unable to connect to system bus!\n" +msgstr "システムバスに接続できません。\n" -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "LDAP サーバーから許可される ID の上限の設定" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Online" +msgstr "オンライン" -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "ppolicy クエリーの DN" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Offline" +msgstr "オフライン" -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "ワイルドカードの要求の間に取得する最大エントリーの数" +#: src/tools/sssctl/sssctl_domains.c:167 +#, c-format +msgid "Online status: %s\n" +msgstr "オンライン状態: %s\n" -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "パスワード失効の評価のポリシー" +#: src/tools/sssctl/sssctl_domains.c:213 +msgid "This domain has no active servers.\n" +msgstr "このドメインには、アクティブなサーバーはありません。\n" -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "どの属性がアカウントが失効しているかを評価するために使用されるか" +#: src/tools/sssctl/sssctl_domains.c:218 +msgid "Active servers:\n" +msgstr "アクティブサーバー:\n" -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "どのルールがアクセス制御を評価するために使用されるか" +#: src/tools/sssctl/sssctl_domains.c:230 +msgid "not connected" +msgstr "接続していません" -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "パスワードの変更が許可される LDAP サーバーの URI" +#: src/tools/sssctl/sssctl_domains.c:267 +msgid "No servers discovered.\n" +msgstr "サーバーが見つかりません。\n" -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "パスワードの変更が許可されるバックアップ LDAP サーバーの URI" +#: src/tools/sssctl/sssctl_domains.c:273 +#, c-format +msgid "Discovered %s servers:\n" +msgstr "%s サーバーが見つかりました:\n" -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "LDAP パスワードの変更サーバーの DNS サービス名" +#: src/tools/sssctl/sssctl_domains.c:285 +msgid "None so far.\n" +msgstr "今のところありません。\n" -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "パスワード変更後 ldap_user_shadow_last_change 属性を更新するかどうか" +#: src/tools/sssctl/sssctl_domains.c:325 +msgid "Show online status" +msgstr "オンライン状態を表示" -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "sudo ルール検索のベース DN" +#: src/tools/sssctl/sssctl_domains.c:326 +msgid "Show information about active server" +msgstr "アクティブサーバーに関する情報の表示" -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "自動的な完全更新間隔" +#: src/tools/sssctl/sssctl_domains.c:327 +msgid "Show list of discovered servers" +msgstr "見つかったサーバーに関する一覧を表示" -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "自動的なスマート更新間隔" +#: src/tools/sssctl/sssctl_domains.c:333 +msgid "Specify domain name." +msgstr "ドメイン名を指定します。" -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" -"ホスト名、IP アドレスおよびネットワークによるフィルタールールを使用するかどう" -"か" +#: src/tools/sssctl/sssctl_domains.c:355 +msgid "Out of memory!\n" +msgstr "メモリーの空き容量がありません。\n" -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" -"sudo ルールをフィルターするこのマシンのホスト名および/または完全修飾ドメイン" -"名" +#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 +msgid "Unable to get online status\n" +msgstr "オンライン状態を取得できません\n" -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" -"sudo ルールをフィルターするこのマシンの IPv4 または IPv6 アドレスまたはネット" -"ワーク" +#: src/tools/sssctl/sssctl_domains.c:395 +msgid "Unable to get server list\n" +msgstr "サーバー一覧を取得できません\n" -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "ホスト属性にネットワークグループを含むルールを含めるかどうか" +#: src/tools/sssctl/sssctl_logs.c:46 +msgid "\n" +msgstr "\n" -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "ホスト属性に正規表現を含むルールを含めるかどうか" +#: src/tools/sssctl/sssctl_logs.c:236 +msgid "Delete log files instead of truncating" +msgstr "切り捨てる代わりにログファイルを削除します" -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "sudo ルールのオブジェクトクラス" +#: src/tools/sssctl/sssctl_logs.c:247 +msgid "Deleting log files...\n" +msgstr "ログファイルを削除中...\n" -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" +#: src/tools/sssctl/sssctl_logs.c:250 +msgid "Unable to remove log files\n" +msgstr "ログファイルを削除できません\n" -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "sudo ルール名" +#: src/tools/sssctl/sssctl_logs.c:256 +msgid "Truncating log files...\n" +msgstr "ログファイルを切り捨てます...\n" -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "sudo ルールのコマンドの属性" +#: src/tools/sssctl/sssctl_logs.c:259 +msgid "Unable to truncate log files\n" +msgstr "ログファイルの切り捨てができません\n" -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "sudo ルールのホストの属性" +#: src/tools/sssctl/sssctl_logs.c:285 +msgid "Out of memory!" +msgstr "メモリーの空き容量がありません。" -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "sudo ルールのユーザーの属性" +#: src/tools/sssctl/sssctl_logs.c:288 +#, c-format +msgid "Archiving log files into %s...\n" +msgstr "ログファイルを %s へアーカイブ中...\n" -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "sudo ルールのオプションの属性" +#: src/tools/sssctl/sssctl_logs.c:291 +msgid "Unable to archive log files\n" +msgstr "ログファイルのアーカイブができません\n" -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "sudo ルールの runas の属性" +#: src/tools/sssctl/sssctl_logs.c:316 +msgid "Specify debug level you want to set" +msgstr "設定したいデバッグレベルを指定します" -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "sudo ルールの runasuser の属性" +#: src/tools/sssctl/sssctl_user_checks.c:117 +msgid "SSSD InfoPipe user lookup result:\n" +msgstr "SSSD InfoPipe ユーザー検索の結果:\n" -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "sudo ルールの runasgroup の属性" +#: src/tools/sssctl/sssctl_user_checks.c:167 +#, c-format +msgid "dlopen failed with [%s].\n" +msgstr "dlopen は [%s] で失敗しました。\n" -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "sudo ルールの notbefore の属性" +#: src/tools/sssctl/sssctl_user_checks.c:174 +#, c-format +msgid "dlsym failed with [%s].\n" +msgstr "dlsym は [%s] で失敗しました。\n" -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "sudo ルールの notafter の属性" +#: src/tools/sssctl/sssctl_user_checks.c:182 +msgid "malloc failed.\n" +msgstr "malloc は失敗しました。\n" -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "sudo ルールの order の属性" +#: src/tools/sssctl/sssctl_user_checks.c:189 +#, c-format +msgid "sss_getpwnam_r failed with [%d].\n" +msgstr "sss_getpwnam_r が [%d] で失敗しました。\n" -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "automounter マップのオブジェクトクラス" +#: src/tools/sssctl/sssctl_user_checks.c:194 +msgid "SSSD nss user lookup result:\n" +msgstr "SSSD nss ユーザー検索の結果:\n" -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "オートマウントのマップ名の属性" +#: src/tools/sssctl/sssctl_user_checks.c:195 +#, c-format +msgid " - user name: %s\n" +msgstr " - user name: %s\n" -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "automounter マップエントリーのオブジェクトクラス" +#: src/tools/sssctl/sssctl_user_checks.c:196 +#, c-format +msgid " - user id: %d\n" +msgstr " - user id: %d\n" -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "automounter マップエントリーのキー属性" +#: src/tools/sssctl/sssctl_user_checks.c:197 +#, c-format +msgid " - group id: %d\n" +msgstr " - group id: %d\n" -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "automounter マップエントリーの値属性" +#: src/tools/sssctl/sssctl_user_checks.c:198 +#, c-format +msgid " - gecos: %s\n" +msgstr " - gecos: %s\n" -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "automonter のマップ検索のベース DN" +#: src/tools/sssctl/sssctl_user_checks.c:199 +#, c-format +msgid " - home directory: %s\n" +msgstr " - home directory: %s\n" -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "許可ユーザーのカンマ区切り一覧" +#: src/tools/sssctl/sssctl_user_checks.c:200 +#, c-format +msgid "" +" - shell: %s\n" +"\n" +msgstr "" +" - shell: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "禁止ユーザーのカンマ区切り一覧" +#: src/tools/sssctl/sssctl_user_checks.c:232 +msgid "PAM action [auth|acct|setc|chau|open|clos], default: " +msgstr "PAM アクション [auth|acct|setc|chau|open|clos]、デフォルト: " -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "デフォルトのシェル, /bin/bash" +#: src/tools/sssctl/sssctl_user_checks.c:235 +msgid "PAM service, default: " +msgstr "PAM サービス、デフォルト: " -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "ホームディレクトリーのベース" +#: src/tools/sssctl/sssctl_user_checks.c:240 +msgid "Specify user name." +msgstr "ユーザー名を指定します。" -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "事前にフォークされた子プロキシの数" +#: src/tools/sssctl/sssctl_user_checks.c:247 +#, c-format +msgid "" +"user: %s\n" +"action: %s\n" +"service: %s\n" +"\n" +msgstr "" +"ユーザー: %s\n" +"アクション: %s\n" +"サービス: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "使用する NSS ライブラリーの名前" +#: src/tools/sssctl/sssctl_user_checks.c:252 +#, c-format +msgid "User name lookup with [%s] failed.\n" +msgstr "[%s] でのユーザー名の検索に失敗しました。\n" -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "可能ならばキャッシュから正規化されたグループ名を検索するかどうか" +#: src/tools/sssctl/sssctl_user_checks.c:257 +#, c-format +msgid "InfoPipe User lookup with [%s] failed.\n" +msgstr "[%s] での InfoPipe ユーザーの検索に失敗しました。\n" -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "使用する PAM スタック" +#: src/tools/sssctl/sssctl_user_checks.c:263 +#, c-format +msgid "pam_start failed: %s\n" +msgstr "pam_start に失敗しました: %s\n" -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "passwd ファイルソースへのパス" +#: src/tools/sssctl/sssctl_user_checks.c:268 +msgid "" +"testing pam_authenticate\n" +"\n" +msgstr "" +"pam_authenticate のテスト中\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "グループファイルソースへのパス" +#: src/tools/sssctl/sssctl_user_checks.c:272 +#, c-format +msgid "pam_get_item failed: %s\n" +msgstr "pam_get_item に失敗しました: %s\n" -#: src/monitor/monitor.c:2355 -msgid "Become a daemon (default)" -msgstr "デーモンとして実行(デフォルト)" +#: src/tools/sssctl/sssctl_user_checks.c:275 +#, c-format +msgid "" +"pam_authenticate for user [%s]: %s\n" +"\n" +msgstr "" +"ユーザー [%s] 向けの pam_authenticate: %s\n" +"\n" -#: src/monitor/monitor.c:2357 -msgid "Run interactive (not a daemon)" -msgstr "対話的に実行(デーモンではない)" +#: src/tools/sssctl/sssctl_user_checks.c:278 +msgid "" +"testing pam_chauthtok\n" +"\n" +msgstr "" +"pam_chauthtok のテスト中\n" +"\n" -#: src/monitor/monitor.c:2360 -msgid "Disable netlink interface" -msgstr "netlink インターフェースを無効にする" +#: src/tools/sssctl/sssctl_user_checks.c:280 +#, c-format +msgid "" +"pam_chauthtok: %s\n" +"\n" +msgstr "" +"pam_chauthtok: %s\n" +"\n" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 -msgid "Specify a non-default config file" -msgstr "非標準の設定ファイルの指定" +#: src/tools/sssctl/sssctl_user_checks.c:282 +msgid "" +"testing pam_acct_mgmt\n" +"\n" +msgstr "" +"pam_acct_mgmt のテスト中\n" +"\n" -#: src/monitor/monitor.c:2364 -msgid "Refresh the configuration database, then exit" -msgstr "設定データベースをリフレッシュし、その後終了します" +#: src/tools/sssctl/sssctl_user_checks.c:284 +#, c-format +msgid "" +"pam_acct_mgmt: %s\n" +"\n" +msgstr "" +"pam_acct_mgmt: %s\n" +"\n" -#: src/monitor/monitor.c:2367 -msgid "Similar to --genconf, but only refreshes the given section" -msgstr "--genconf と似ていますが、任意のセクションのみをリフレッシュします" +#: src/tools/sssctl/sssctl_user_checks.c:286 +msgid "" +"testing pam_setcred\n" +"\n" +msgstr "" +"pam_setcred のテスト中\n" +"\n" -#: src/monitor/monitor.c:2370 -msgid "Print version number and exit" -msgstr "バージョン番号を表示して終了する" +#: src/tools/sssctl/sssctl_user_checks.c:288 +#, c-format +msgid "" +"pam_setcred: [%s]\n" +"\n" +msgstr "" +"pam_setcred: [%s]\n" +"\n" -#: src/monitor/monitor.c:2514 -msgid "SSSD is already running\n" -msgstr "SSSD はすでに実行中です\n" +#: src/tools/sssctl/sssctl_user_checks.c:290 +msgid "" +"testing pam_open_session\n" +"\n" +msgstr "" +"pam_open_session のテスト中\n" +"\n" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 -msgid "Debug level" -msgstr "デバッグレベル" +#: src/tools/sssctl/sssctl_user_checks.c:292 +#, c-format +msgid "" +"pam_open_session: %s\n" +"\n" +msgstr "" +"pam_open_session: %s\n" +"\n" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 -msgid "Add debug timestamps" -msgstr "デバッグのタイムスタンプを追加する" +#: src/tools/sssctl/sssctl_user_checks.c:294 +msgid "" +"testing pam_close_session\n" +"\n" +msgstr "" +"pam_close_session のテスト中\n" +"\n" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 -msgid "Show timestamps with microseconds" -msgstr "タイムスタンプをミリ秒単位で表示する" +#: src/tools/sssctl/sssctl_user_checks.c:296 +#, c-format +msgid "" +"pam_close_session: %s\n" +"\n" +msgstr "" +"pam_close_session: %s\n" +"\n" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 -msgid "An open file descriptor for the debug logs" -msgstr "デバッグログのオープンファイルディスクリプター" +#: src/tools/sssctl/sssctl_user_checks.c:298 +msgid "unknown action\n" +msgstr "不明なアクション\n" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 -msgid "Send the debug output to stderr directly." -msgstr "デバッグ出力を stderr に直接送信します。" +#: src/tools/sssctl/sssctl_user_checks.c:301 +msgid "PAM Environment:\n" +msgstr "PAM 環境:\n" -#: src/providers/krb5/krb5_child.c:3245 -msgid "The user to create FAST ccache as" -msgstr "次のように FAST ccache を作成するユーザー" +#: src/tools/sssctl/sssctl_user_checks.c:309 +msgid " - no env -\n" +msgstr " - no env -\n" -#: src/providers/krb5/krb5_child.c:3247 -msgid "The group to create FAST ccache as" -msgstr "次のように FAST ccache を作成するグループ" +#: src/util/util.h:82 +msgid "The user ID to run the server as" +msgstr "次のようにサーバーを実行するユーザー ID" -#: src/providers/krb5/krb5_child.c:3249 -msgid "Kerberos realm to use" -msgstr "使用する Kerberos レルム" +#: src/util/util.h:84 +msgid "The group ID to run the server as" +msgstr "次のようにサーバーを実行するグループ ID" -#: src/providers/krb5/krb5_child.c:3251 -msgid "Requested lifetime of the ticket" -msgstr "チケットの要求された有効期間" +#: src/util/util.h:92 +msgid "Informs that the responder has been socket-activated" +msgstr "レスポンダーがソケットでアクティベートされたと知らせます" -#: src/providers/krb5/krb5_child.c:3253 -msgid "Requested renewable lifetime of the ticket" -msgstr "チケットの要求された更新可能な有効期間" +#: src/util/util.h:94 +msgid "Informs that the responder has been dbus-activated" +msgstr "レスポンダーが dbus でアクティベートされたと知らせます" -#: src/providers/krb5/krb5_child.c:3255 -msgid "FAST options ('never', 'try', 'demand')" -msgstr "FAST のオプション ('never'、'try'、'demand')" +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "デバッグのロギングの冗長性を設定する" -#: src/providers/krb5/krb5_child.c:3258 -msgid "Specifies the server principal to use for FAST" -msgstr "FAST で使用するサーバープリンシパルを指定します" +#~ msgid "Include timestamps in debug logs" +#~ msgstr "デバッグログにタイムスタンプを含める" -#: src/providers/krb5/krb5_child.c:3260 -msgid "Requests canonicalization of the principal name" -msgstr "プリンシパル名の正規化を要求します" +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "デバッグログにミリ秒単位のタイムスタンプを含める" -#: src/providers/krb5/krb5_child.c:3262 -msgid "Use custom version of krb5_get_init_creds_password" -msgstr "krb5_get_init_creds_password のカスタムバージョンを使用します" +#~ msgid "Write debug messages to logfiles" +#~ msgstr "デバッグメッセージをログファイルに書き込む" -#: src/providers/data_provider_be.c:711 -msgid "Domain of the information provider (mandatory)" -msgstr "情報プロバイダーのドメイン (必須)" +#~ msgid "Watchdog timeout before restarting service" +#~ msgstr "サービス再起動前の Watchdog タイムアウト" -#: src/sss_client/common.c:1079 -msgid "Privileged socket has wrong ownership or permissions." -msgstr "特権ソケットの所有者またはパーミッションが誤っています。" +#~ msgid "Command to start service" +#~ msgstr "サービス開始のコマンド" -#: src/sss_client/common.c:1082 -msgid "Public socket has wrong ownership or permissions." -msgstr "公開ソケットの所有者またはパーミッションが誤っています。" +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "データプロバイダーの接続を試行する回数" -#: src/sss_client/common.c:1085 -msgid "Unexpected format of the server credential message." -msgstr "サーバーのクレディンシャルメッセージの予期しない形式です。" +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "このレスポンダーににより開かれるファイル記述子の数" -#: src/sss_client/common.c:1088 -msgid "SSSD is not run by root." -msgstr "SSSD は root により実行されません。" +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "クライアントの自動切断までのアイドル時間" -#: src/sss_client/common.c:1091 -msgid "SSSD socket does not exist." -msgstr "SSSD ソケットは存在しません。" +#~ msgid "Idle time before automatic shutdown of the responder" +#~ msgstr "レスポンダーの自動シャットダウンまでのアイドル時間" -#: src/sss_client/common.c:1094 -msgid "Cannot get stat of SSSD socket." -msgstr "SSSD ソケットの統計を取得できません。" +#~ msgid "Always query all the caches before querying the Data Providers" +#~ msgstr "" +#~ "データプロバイダーをクエリーする前に、常にすべてのキャッシュをクエリーしま" +#~ "す" -#: src/sss_client/common.c:1099 -msgid "An error occurred, but no description can be found." -msgstr "エラーが発生しましたが、説明がありませんでした。" +#~ msgid "SSSD Services to start" +#~ msgstr "開始する SSSD サービス" -#: src/sss_client/common.c:1105 -msgid "Unexpected error while looking for an error description" -msgstr "エラーの説明を検索中に予期しないエラーが発生しました" +#~ msgid "SSSD Domains to start" +#~ msgstr "開始する SSSD ドメイン" -#: src/sss_client/pam_sss.c:68 -msgid "Permission denied. " -msgstr "パーミッションが拒否されました。" +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "SBUS 経由のメッセージ送信のタイムアウト" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 -#: src/sss_client/pam_sss.c:790 -msgid "Server message: " -msgstr "サーバーのメッセージ: " +#~ msgid "Regex to parse username and domain" +#~ msgstr "ユーザー名とドメインを構文解析する正規表現" -#: src/sss_client/pam_sss.c:297 -msgid "Passwords do not match" -msgstr "パスワードが一致しません" +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "完全修飾名を表示するための printf 互換の形式" -#: src/sss_client/pam_sss.c:485 -msgid "Password reset by root is not supported." -msgstr "root によるパスワードのリセットはサポートされません。" +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "" +#~ "SSSD が Kerberos リプレイキャッシュファイルを保存するファイルシステムの" +#~ "ディレクトリーです。" -#: src/sss_client/pam_sss.c:526 -msgid "Authenticated with cached credentials" -msgstr "キャッシュされているクレディンシャルを用いて認証されました" +#~ msgid "Domain to add to names without a domain component." +#~ msgstr "domain 要素なしで追加するドメインの名前。" -#: src/sss_client/pam_sss.c:527 -msgid ", your cached password will expire at: " -msgstr "、キャッシュされたパスワードが失効します: " +#~ msgid "The user to drop privileges to" +#~ msgstr "ユーザーが特権を停止します" -#: src/sss_client/pam_sss.c:557 -#, c-format -msgid "Your password has expired. You have %1$d grace login(s) remaining." -msgstr "パスワードの期限が切れています。あと %1$d 回ログインできます。" +#~ msgid "Tune certificate verification" +#~ msgstr "証明書検証の調整" -#: src/sss_client/pam_sss.c:603 -#, c-format -msgid "Your password will expire in %1$d %2$s." -msgstr "あなたのパスワードは %1$d %2$s に期限切れになります。" +#~ msgid "" +#~ "All spaces in group or user names will be replaced with this character" +#~ msgstr "" +#~ "グループ名またはユーザー名のすべてのスペースは、この文字に置き換えられます" -#: src/sss_client/pam_sss.c:652 -msgid "Authentication is denied until: " -msgstr "次まで認証が拒否されます: " +#~ msgid "Tune sssd to honor or ignore netlink state changes" +#~ msgstr "SSSD を調整し、netlink の状態変更を尊重するか、または無視します" -#: src/sss_client/pam_sss.c:673 -msgid "System is offline, password change not possible" -msgstr "システムがオフラインです、パスワード変更ができません" +#~ msgid "Enable or disable the implicit files domain" +#~ msgstr "暗黙のファイルドメインを有効化または無効化する" -#: src/sss_client/pam_sss.c:688 -msgid "" -"After changing the OTP password, you need to log out and back in order to " -"acquire a ticket" -msgstr "" -"OTP パスワードの変更後、チケットを取得するためにログアウト後に再びログインす" -"る必要があります" +#~ msgid "A specific order of the domains to be looked up" +#~ msgstr "検索するドメインの特定の順番" -#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 -msgid "Password change failed. " -msgstr "パスワードの変更に失敗しました。 " +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "列挙キャッシュのタイムアウト(秒)" -#: src/sss_client/pam_sss.c:2008 -msgid "New Password: " -msgstr "新しいパスワード: " +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "エントリーキャッシュのバックグラウンド更新のタイムアウト時間(秒)" -#: src/sss_client/pam_sss.c:2009 -msgid "Reenter new Password: " -msgstr "新しいパスワードの再入力: " +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "ネガティブキャッシュのタイムアウト(秒)" -#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 -msgid "First Factor: " -msgstr "1 番目の要素: " +#~ msgid "Files negative cache timeout length (seconds)" +#~ msgstr "ファイルネガティブキャッシュのタイムアウト時間(秒)" -#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 -msgid "Second Factor (optional): " -msgstr "2 番目の要素 (オプション): " +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "SSSD が明示的に無視するユーザー" -#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 -msgid "Second Factor: " -msgstr "2 番目の要素: " +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "SSSD が明示的に無視するグループ" -#: src/sss_client/pam_sss.c:2190 -msgid "Password: " -msgstr "パスワード: " +#~ msgid "Should filtered users appear in groups" +#~ msgstr "フィルターされたユーザーをグループに表示する" -#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 -msgid "First Factor (Current Password): " -msgstr "1 番目の要素 (現在のパスワード): " +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "NSS プロバイダーが返すパスワード項目の値" -#: src/sss_client/pam_sss.c:2349 -msgid "Current Password: " -msgstr "現在のパスワード: " +#~ msgid "Override homedir value from the identity provider with this value" +#~ msgstr "識別プロバイダーからのホームディレクトリーの値をこの値で上書きする" -#: src/sss_client/pam_sss.c:2704 -msgid "Password expired. Change your password now." -msgstr "パスワードの期限が切れました。いますぐパスワードを変更してください。" +#~ msgid "" +#~ "Substitute empty homedir value from the identity provider with this value" +#~ msgstr "" +#~ "アイデンティティープロバイダーからの空のホームディレクトリーをこの値で置き" +#~ "換えます" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 -#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 -#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 -#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:719 -msgid "The debug level to run with" -msgstr "実行するデバッグレベル" +#~ msgid "Override shell value from the identity provider with this value" +#~ msgstr "アイデンティティープロバイダーからのシェル値をこの値で上書きします" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 -msgid "The SSSD domain to use" -msgstr "使用する SSSD ドメイン" +#~ msgid "The list of shells users are allowed to log in with" +#~ msgstr "ユーザーがログインを許可されるシェルの一覧" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 -#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 -#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 -#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:765 -msgid "Error setting the locale\n" -msgstr "ロケールの設定中にエラーが発生しました\n" +#~ msgid "" +#~ "The list of shells that will be vetoed, and replaced with the fallback " +#~ "shell" +#~ msgstr "拒否されてフォールバックシェルで置き換えられるシェルの一覧" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 -msgid "Not enough memory\n" -msgstr "十分なメモリーがありません\n" +#~ msgid "" +#~ "If a shell stored in central directory is allowed but not available, use " +#~ "this fallback" +#~ msgstr "" +#~ "中央ディレクトリーに保存されたシェルが許可されるが、利用できない場合、この" +#~ "フォールバックを使用する" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 -msgid "User not specified\n" -msgstr "ユーザーが指定されていません\n" +#~ msgid "Shell to use if the provider does not list one" +#~ msgstr "プロバイダーが一覧に持っていないとき使用するシェル" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 -msgid "Error looking up public keys\n" -msgstr "公開鍵の検索中にエラーが発生しました\n" +#~ msgid "How long will be in-memory cache records valid" +#~ msgstr "メモリー内のキャッシュレコードが有効な期間" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 -msgid "The port to use to connect to the host" -msgstr "ホストへの接続に使用するポート" +#~ msgid "List of user attributes the NSS responder is allowed to publish" +#~ msgstr "NSS レスポンダーがパブリッシュを許可されたユーザー属性の一覧" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 -msgid "Print the host ssh public keys" -msgstr "ホスト SSH 公開鍵を印刷" +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "オンラインログイン中にキャッシュによるログインが許容される期間(日数)" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 -msgid "Invalid port\n" -msgstr "無効なポート\n" +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "オフラインの時に許容されるログイン試行失敗回数" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 -msgid "Host not specified\n" -msgstr "ホストが指定されていません\n" +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "offline_failed_login_attempts に達した後にログインを拒否する時間(分)" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 -msgid "The path to the proxy command must be absolute\n" -msgstr "プロキシコマンドへのパスは絶対パスにする必要があります\n" +#~ msgid "" +#~ "What kind of messages are displayed to the user during authentication" +#~ msgstr "認証中にユーザーに表示されるメッセージの種類" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 -#, c-format -msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" -msgstr "sss_ssh_knownhostsproxy: ホスト名 %s を解決できませんでした\n" +#~ msgid "Filter PAM responses sent to the pam_sss" +#~ msgstr "pam_sss へ送信された PAM のレスポンスをフィルタリングします" -#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 -msgid "The UID of the user" -msgstr "ユーザーの UID" +#~ msgid "" +#~ "How many seconds to keep identity information cached for PAM requests" +#~ msgstr "PAM 要求に対してキャッシュされた認証情報を保持する秒数" -#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 -msgid "The comment string" -msgstr "コメント文字列" +#~ msgid "" +#~ "How many days before password expiration a warning should be displayed" +#~ msgstr "警告が表示されるパスワード失効前の日数" -#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 -msgid "Home directory" -msgstr "ホームディレクトリー" +#~ msgid "List of trusted uids or user's name" +#~ msgstr "信頼できる UID またはユーザー名の一覧" -#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 -msgid "Login shell" -msgstr "ログインシェル" +#~ msgid "List of domains accessible even for untrusted users." +#~ msgstr "信頼できないユーザーでさえアクセス可能なドメインの一覧。" -#: src/tools/sss_useradd.c:53 -msgid "Groups" -msgstr "グループ" +#~ msgid "Message printed when user account is expired." +#~ msgstr "ユーザーアカウントの有効期限が切れると、メッセージが印刷されます。" -#: src/tools/sss_useradd.c:54 -msgid "Create user's directory if it does not exist" -msgstr "ユーザーのディレクトリーが存在しなければ作成する" +#~ msgid "Message printed when user account is locked." +#~ msgstr "ユーザーアカウントがロックされると、メッセージが印刷されます。" -#: src/tools/sss_useradd.c:55 -msgid "Never create user's directory, overrides config" -msgstr "ユーザーのディレクトリーを作成しない、設定を上書きする" +#~ msgid "Allow certificate based/Smartcard authentication." +#~ msgstr "証明書ベースまたはスマートカードによる認証を許可します。" -#: src/tools/sss_useradd.c:56 -msgid "Specify an alternative skeleton directory" -msgstr "代替のスケルトンディレクトリーを指定する" +#~ msgid "Path to certificate database with PKCS#11 modules." +#~ msgstr "PKCS#11 モジュールでの証明書データベースへのパス。" -#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 -msgid "The SELinux user for user's login" -msgstr "ユーザーのログインに対する SELinux ユーザー" +#~ msgid "How many seconds will pam_sss wait for p11_child to finish" +#~ msgstr "p11_child が完了するまでに pam_sss が待つ秒数" -#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 -#: src/tools/sss_usermod.c:92 -msgid "Specify group to add to\n" -msgstr "追加するグループを指定してください\n" +#~ msgid "Which PAM services are permitted to contact application domains" +#~ msgstr "アプリケーションドメインへの接続を許可される PAM サービスはどれか" -#: src/tools/sss_useradd.c:111 -msgid "Specify user to add\n" -msgstr "追加するユーザーを指定してください\n" +#~ msgid "Allowed services for using smartcards" +#~ msgstr "スマートカードの使用が許可されたサービス" -#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 -#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 -#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 -#: src/tools/sss_usermod.c:162 -msgid "Error initializing the tools - no local domain\n" -msgstr "" -"ツールを初期化中にエラーが発生しました - ローカルドメインがありません\n" +#~ msgid "Additional timeout to wait for a card if requested" +#~ msgstr "要求された場合に、カードが待つ追加のタイムアウト" -#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 -#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 -#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 -#: src/tools/sss_usermod.c:164 -msgid "Error initializing the tools\n" -msgstr "ツールを初期化中にエラーが発生しました\n" +#~ msgid "" +#~ "PKCS#11 URI to restrict the selection of devices for Smartcard " +#~ "authentication" +#~ msgstr "スマートカード認証向けのデバイスの選択を PKCS#11 URI が制限" -#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 -#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 -#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 -#: src/tools/sss_usermod.c:173 -msgid "Invalid domain specified in FQDN\n" -msgstr "FQDN で指定されたドメインが無効です\n" +#~ msgid "Whether to evaluate the time-based attributes in sudo rules" +#~ msgstr "sudo ルールにおいて時間による属性を評価するかどうか" -#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 -#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 -#: src/tools/sss_usermod.c:226 -msgid "Internal error while parsing parameters\n" -msgstr "パラメーターを解析中に内部エラーが発生しました\n" +#~ msgid "If true, SSSD will switch back to lower-wins ordering logic" +#~ msgstr "" +#~ "正しい場合、SSSD は小さい番号が優先される順位付けのロジックへ戻ります" -#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 -#: src/tools/sss_usermod.c:235 -msgid "Groups must be in the same domain as user\n" -msgstr "グループがユーザーと同じドメインになければいけません\n" +#~ msgid "" +#~ "Maximum number of rules that can be refreshed at once. If this is " +#~ "exceeded, full refresh is performed." +#~ msgstr "" +#~ "一度にリフレッシュ可能なルールの最大数。最大数を超えると、フルリフレッシュ" +#~ "が実行されます。" -#: src/tools/sss_useradd.c:159 -#, c-format -msgid "Cannot find group %1$s in local domain\n" -msgstr "ローカルドメインにグループ %1$s を見つけられません\n" +#~ msgid "Whether to hash host names and addresses in the known_hosts file" +#~ msgstr "" +#~ "known_hosts ファイルにおいてホスト名とアドレスをハッシュ化するかどうか" -#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 -msgid "Cannot set default values\n" -msgstr "デフォルト値を設定できません\n" +#~ msgid "" +#~ "How many seconds to keep a host in the known_hosts file after its host " +#~ "keys were requested" +#~ msgstr "ホスト鍵が要求された後 known_hosts ファイルにホストを保持する秒数" -#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 -msgid "The selected UID is outside the allowed range\n" -msgstr "選択された UID は許容される範囲を越えています\n" +#~ msgid "Path to storage of trusted CA certificates" +#~ msgstr "信頼された CA 証明書のストレージへのパス" -#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 -msgid "Cannot set SELinux login context\n" -msgstr "SELinux ログインコンテキストを設定できません\n" +#~ msgid "Allow to generate ssh-keys from certificates" +#~ msgstr "証明書からの ssh-key の生成を許可します" -#: src/tools/sss_useradd.c:224 -msgid "Cannot get info about the user\n" -msgstr "ユーザーに関する情報を取得できません\n" +#~ msgid "" +#~ "Use the following matching rules to filter the certificates for ssh-key " +#~ "generation" +#~ msgstr "" +#~ "以下の一致するルールを使用して、ssh-key 生成用の証明書をフィルタリングしま" +#~ "す" -#: src/tools/sss_useradd.c:236 -msgid "User's home directory already exists, not copying data from skeldir\n" -msgstr "" -"ユーザーのホームディレクトリーがすでに存在します、スケルトンディレクトリーか" -"らデータをコピーしません\n" +#~ msgid "List of UIDs or user names allowed to access the PAC responder" +#~ msgstr "PAC レスポンダーへのアクセスが許可された UID またはユーザー名の一覧" -#: src/tools/sss_useradd.c:239 -#, c-format -msgid "Cannot create user's home directory: %1$s\n" -msgstr "ユーザーのホームディレクトリーを作成できません: %1$s\n" +#~ msgid "How long the PAC data is considered valid" +#~ msgstr "PAC データが有効とされる期間" -#: src/tools/sss_useradd.c:250 -#, c-format -msgid "Cannot create user's mail spool: %1$s\n" -msgstr "ユーザーのメールスプールを作成できません: %1$s\n" +#~ msgid "List of UIDs or user names allowed to access the InfoPipe responder" +#~ msgstr "" +#~ "InfoPipe レスポンダーへのアクセスが許可された UID またはユーザー名の一覧" -#: src/tools/sss_useradd.c:270 -msgid "Could not allocate ID for the user - domain full?\n" -msgstr "ユーザーに ID を割り当てられませんでした - ドメインがいっぱいですか?\n" +#~ msgid "List of user attributes the InfoPipe is allowed to publish" +#~ msgstr "InfoPipe がパブリッシュを許可されたユーザー属性の一覧" -#: src/tools/sss_useradd.c:274 -msgid "A user or group with the same name or ID already exists\n" -msgstr "同じ名前または ID を持つユーザーまたはグループがすでに存在します\n" +#~ msgid "The provider where the secrets will be stored in" +#~ msgstr "シークレットが保存されるプロバイダー" + +#~ msgid "The maximum allowed number of nested containers" +#~ msgstr "ネストされたコンテナーの最大許可数" + +#~ msgid "The maximum number of secrets that can be stored" +#~ msgstr "保存可能なシークレットの最大数" + +#~ msgid "The maximum number of secrets that can be stored per UID" +#~ msgstr "UID ごとに保存可能なシークレットの最大数" + +#~ msgid "The maximum payload size of a secret in kilobytes" +#~ msgstr "キロバイトでのシークレットの最大ペイロードサイズ" + +#~ msgid "The URL Custodia server is listening on" +#~ msgstr "URL Custodia サーバーはリッスンしています" + +#~ msgid "The method to use when authenticating to a Custodia server" +#~ msgstr "Custodia サーバーへの認証時に使用する方法" + +#~ msgid "" +#~ "The name of the headers that will be added into a HTTP request with the " +#~ "value defined in auth_header_value" +#~ msgstr "" +#~ "auth_header_value で値が定義され、HTTP リクエストに追加されるヘッダーの名" +#~ "前" + +#~ msgid "The value sssd-secrets would use for auth_header_name" +#~ msgstr "sssd-secrets の値は、auth_header_name で使用します" + +#~ msgid "" +#~ "The list of the headers to forward to the Custodia server together with " +#~ "the request" +#~ msgstr "要求と共に Custodia サーバーへ転送するヘッダーの一覧" + +#~ msgid "" +#~ "The username to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "basic_auth を使った Custodia サーバーへの認証時に使用するユーザー名" + +#~ msgid "" +#~ "The password to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "basic_auth を使った Custodia サーバーへの認証時に使用するパスワード" + +#~ msgid "" +#~ "If true peer's certificate is verified if proxy_url uses https protocol" +#~ msgstr "" +#~ "proxy_url が https protocol を使用する場合に、正しいピアの証明書が検証され" +#~ "るかどうか" + +#~ msgid "" +#~ "If false peer's certificate may contain different hostname than proxy_url " +#~ "when https protocol is used" +#~ msgstr "" +#~ "https プロトコルが使用される場合に、間違ったピアの証明書が proxy_url 以外" +#~ "の異なるホスト名を含むかどうか" + +#~ msgid "" +#~ "Path to directory where certificate authority certificates are stored" +#~ msgstr "CA 証明書が保存されているディレクトリーへのパス" + +#~ msgid "Path to file containing server's CA certificate" +#~ msgstr "サーバーの CA 証明書を含むファイルへのパス" + +#~ msgid "Path to file containing client's certificate" +#~ msgstr "クライアントの証明書を含むファイルへのパス" + +#~ msgid "Path to file containing client's private key" +#~ msgstr "クライアントの秘密鍵を含むファイルへのパス" + +#~ msgid "Identity provider" +#~ msgstr "アイデンティティープロバイダー" + +#~ msgid "Authentication provider" +#~ msgstr "認証プロバイダー" + +#~ msgid "Access control provider" +#~ msgstr "アクセス制御プロバイダー" + +#~ msgid "Password change provider" +#~ msgstr "パスワード変更プロバイダー" + +#~ msgid "SUDO provider" +#~ msgstr "SUDO プロバイダー" + +#~ msgid "Autofs provider" +#~ msgstr "Autofs プロバイダー" + +#~ msgid "Host identity provider" +#~ msgstr "ホスト識別プロバイダー" + +#~ msgid "SELinux provider" +#~ msgstr "SELinux プロバイダー" + +#~ msgid "Session management provider" +#~ msgstr "セッションマネージャーのプロバイダー" + +#~ msgid "Whether the domain is usable by the OS or by applications" +#~ msgstr "OS またはアプリケーションがドメインを使用できるかどうか" + +#~ msgid "Minimum user ID" +#~ msgstr "最小ユーザー ID" + +#~ msgid "Maximum user ID" +#~ msgstr "最大ユーザー ID" + +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "すべてのユーザー・グループの列挙を有効にする" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "オフラインログインのためにクレデンシャルをキャッシュする" + +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "ユーザー・グループを完全修飾形式で表示する" + +#~ msgid "Don't include group members in group lookups" +#~ msgstr "グループ検索にグループメンバーを含めない" + +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "エントリーキャッシュのタイムアウト長(秒)" + +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "DNS 検索を実行する時に特定のアドレスファミリーを制限または優先します" + +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "最終ログイン成功時からキャッシュエントリーを保持する日数" + +#~ msgid "" +#~ "How long should SSSD talk to single DNS server before trying next server " +#~ "(miliseconds)" +#~ msgstr "" +#~ "次のサーバーを試行するまでに SSSD が単一の DNS サーバーと通信する時間 (ミ" +#~ "リ秒)" + +#~ msgid "How long should keep trying to resolve single DNS query (seconds)" +#~ msgstr "単一の DNS クエリーの解決を試行する時間 (秒)" + +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "サーバーを名前解決する時に DNS から応答を待つ時間(秒)" + +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "サービス検索 DNS クエリーのドメイン部分" + +#~ msgid "Override GID value from the identity provider with this value" +#~ msgstr "識別プロバイダーからの GID 値をこの値で上書きする" + +#~ msgid "Treat usernames as case sensitive" +#~ msgstr "ユーザー名が大文字小文字を区別するよう取り扱う" + +#~ msgid "How often should expired entries be refreshed in background" +#~ msgstr "期限切れのエントリーがバックグラウンドで更新される頻度" + +#~ msgid "Whether to automatically update the client's DNS entry" +#~ msgstr "自動的にクライアントの DNS エントリーを更新するかどうか" + +#~ msgid "The TTL to apply to the client's DNS entry after updating it" +#~ msgstr "クライアントの DNS 項目を更新後、適用する TTL" + +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "動的 DNS 更新のために使用される IP のインターフェース" + +#~ msgid "How often to periodically update the client's DNS entry" +#~ msgstr "どのくらい定期的にクライアントの DNS エントリーを更新するか" + +#~ msgid "Whether the provider should explicitly update the PTR record as well" +#~ msgstr "" +#~ "プロバイダーが同じように PTR レコードを明示的に更新する必要があるかどうか" + +#~ msgid "Whether the nsupdate utility should default to using TCP" +#~ msgstr "nsupdate ユーティリティーが標準で TCP を使用するかどうか" + +#~ msgid "What kind of authentication should be used to perform the DNS update" +#~ msgstr "DNS 更新を実行するために使用すべき認証の種類" + +#~ msgid "Override the DNS server used to perform the DNS update" +#~ msgstr "DNS の更新を実行する際に使用する DNS サーバーを上書き" + +#~ msgid "Control enumeration of trusted domains" +#~ msgstr "信頼されたドメインの列挙を制御" + +#~ msgid "How often should subdomains list be refreshed" +#~ msgstr "サブドメインの一覧のリフレッシュ回数" + +#~ msgid "List of options that should be inherited into a subdomain" +#~ msgstr "サブドメインに継承すべきオプションの一覧" + +#~ msgid "Default subdomain homedir value" +#~ msgstr "デフォルトのサブドメインホームディレクトリーの値" + +#~ msgid "How long can cached credentials be used for cached authentication" +#~ msgstr "証明書キャッシュを認証キャッシュに使用できる期間" + +#~ msgid "Whether to automatically create private groups for users" +#~ msgstr "ユーザーにプライベートグループを自動的に作成するかどうか" + +#~ msgid "IPA domain" +#~ msgstr "IPA ドメイン" + +#~ msgid "IPA server address" +#~ msgstr "IPA サーバーのアドレス" + +#~ msgid "Address of backup IPA server" +#~ msgstr "バックアップ IPA サーバーのアドレス" + +#~ msgid "IPA client hostname" +#~ msgstr "IPA クライアントのホスト名" + +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "" +#~ "FreeIPA にあるクライアントの DNS エントリーを自動的に更新するかどうか" + +#~ msgid "Search base for HBAC related objects" +#~ msgstr "HBAC 関連オブジェクトの検索ベース" + +#~ msgid "" +#~ "The amount of time between lookups of the HBAC rules against the IPA " +#~ "server" +#~ msgstr "IPA サーバーに対する HBAC ルールを検索している間の合計時間" + +#~ msgid "" +#~ "The amount of time in seconds between lookups of the SELinux maps against " +#~ "the IPA server" +#~ msgstr "IPA サーバーに対する SELinux マップの検索の間の秒単位の合計時間" + +#~ msgid "If set to false, host argument given by PAM will be ignored" +#~ msgstr "" +#~ "もし偽に設定されていると、PAM により渡されたホスト引数は無視されます" + +#~ msgid "The automounter location this IPA client is using" +#~ msgstr "この IPA クライアントが使用している automounter の場所" + +#~ msgid "Search base for object containing info about IPA domain" +#~ msgstr "IPA ドメインに関する情報を含むオブジェクトに対する検索ベース" + +#~ msgid "Search base for objects containing info about ID ranges" +#~ msgstr "ID 範囲に関する情報を含むオブジェクトに対する検索ベース" + +#~ msgid "Enable DNS sites - location based service discovery" +#~ msgstr "DNS サイトの有効化 - 位置ベースのサービス検索" + +#~ msgid "Search base for view containers" +#~ msgstr "ビューコンテナーの検索ベース" -#: src/tools/sss_useradd.c:280 -msgid "Transaction error. Could not add user.\n" -msgstr "トランザクションエラー。ユーザーを追加できませんでした。\n" +#~ msgid "Objectclass for view containers" +#~ msgstr "ビューコンテナーのオブジェクトクラス" -#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 -msgid "The GID of the group" -msgstr "グループの GID" +#~ msgid "Attribute with the name of the view" +#~ msgstr "ビューの名前の属性" -#: src/tools/sss_groupadd.c:76 -msgid "Specify group to add\n" -msgstr "追加するグループを指定してください\n" +#~ msgid "Objectclass for override objects" +#~ msgstr "上書きされたオブジェクトのオブジェクトクラス" -#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 -msgid "The selected GID is outside the allowed range\n" -msgstr "選択された GID は許容される範囲を越えています\n" +#~ msgid "Attribute with the reference to the original object" +#~ msgstr "オリジナルオブジェクトを参照する属性" -#: src/tools/sss_groupadd.c:143 -msgid "Could not allocate ID for the group - domain full?\n" -msgstr "グループに ID を割り当てられませんでした - ドメインがいっぱいですか?\n" +#~ msgid "Objectclass for user override objects" +#~ msgstr "ユーザーが上書きするオブジェクトのオブジェクトクラス" -#: src/tools/sss_groupadd.c:147 -msgid "A group with the same name or GID already exists\n" -msgstr "同じ名前または GID を持つグループがすでに存在します\n" +#~ msgid "Objectclass for group override objects" +#~ msgstr "グループが上書きするオブジェクトのオブジェクトクラス" -#: src/tools/sss_groupadd.c:153 -msgid "Transaction error. Could not add group.\n" -msgstr "トランザクションエラー。グループを追加できませんでした。\n" +#~ msgid "Search base for Desktop Profile related objects" +#~ msgstr "デスクトッププロファイルに関連するオブジェクトの検索ベース" -#: src/tools/sss_groupdel.c:70 -msgid "Specify group to delete\n" -msgstr "削除するグループを指定してください\n" +#~ msgid "" +#~ "The amount of time in seconds between lookups of the Desktop Profile " +#~ "rules against the IPA server" +#~ msgstr "" +#~ "IPA サーバーに対するデスクトッププロファイルルールを検索している間の秒単位" +#~ "の合計時間" -#: src/tools/sss_groupdel.c:104 -#, c-format -msgid "Group %1$s is outside the defined ID range for domain\n" -msgstr "グループ %1$s はドメインに対して定義された ID の範囲を越えています\n" +#~ msgid "" +#~ "The amount of time in minutes between lookups of Desktop Profiles rules " +#~ "against the IPA server when the last request did not find any rule" +#~ msgstr "" +#~ "最後の要求がルールを何も見つけなかった場合の IPA サーバーに対するデスク" +#~ "トッププロファイルル ールを検索している間の分単位の合計時間" -#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 -#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 -#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 -#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 -#, c-format -msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" -msgstr "" -"NSS リクエストに失敗しました (%1$d)。項目はメモリーキャッシュに残されます。\n" +#~ msgid "Active Directory domain" +#~ msgstr "Active Directory ドメイン" -#: src/tools/sss_groupdel.c:132 -msgid "" -"No such group in local domain. Removing groups only allowed in local " -"domain.\n" -msgstr "" -"そのようなグループはローカルドメインにありません。グループの削除はローカルド" -"メインにおいてのみ許可されます。\n" +#~ msgid "Enabled Active Directory domains" +#~ msgstr "有効化された Active Directory ドメイン" -#: src/tools/sss_groupdel.c:137 -msgid "Internal error. Could not remove group.\n" -msgstr "内部エラー。グループを削除できませんでした。\n" +#~ msgid "Active Directory server address" +#~ msgstr "Active Directory サーバーアドレス" -#: src/tools/sss_groupmod.c:44 -msgid "Groups to add this group to" -msgstr "このグループに追加するグループ" +#~ msgid "Active Directory backup server address" +#~ msgstr "Active Directory バックアップサーバーのアドレス" -#: src/tools/sss_groupmod.c:46 -msgid "Groups to remove this group from" -msgstr "このグループから削除するグループ" +#~ msgid "Active Directory client hostname" +#~ msgstr "Active Directory クライアントホスト名" -#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 -msgid "Specify group to remove from\n" -msgstr "削除するグループを指定してください\n" +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "アクセス権限を決めるための LDAP フィルター" -#: src/tools/sss_groupmod.c:101 -msgid "Specify group to modify\n" -msgstr "変更するグループを指定してください\n" +#~ msgid "Whether to use the Global Catalog for lookups" +#~ msgstr "検索にグローバルカタログを使用するかどうか" -#: src/tools/sss_groupmod.c:130 -msgid "" -"Cannot find group in local domain, modifying groups is allowed only in local " -"domain\n" -msgstr "" -"ローカルドメインにグループが見つかりませんでした。グループの変更はローカルド" -"メインにおいてのみ許可されます\n" +#~ msgid "Operation mode for GPO-based access control" +#~ msgstr "グローバルカタログベースのアクセス制御に対するオペレーションモード" -#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 -msgid "Member groups must be in the same domain as parent group\n" -msgstr "メンバーグループが親グループと同じドメインにある必要があります\n" +#~ msgid "" +#~ "The amount of time between lookups of the GPO policy files against the AD " +#~ "server" +#~ msgstr "AD サーバーに対する GPO ポリシーファイルを検索している間の合計時間" -#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 -#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 -#, c-format -msgid "" -"Cannot find group %1$s in local domain, only groups in local domain are " -"allowed\n" -msgstr "" -"ローカルドメインにグループ %1$s が見つかりません。ローカルドメインにあるグ" -"ループのみが許可されます\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "GPO (Deny)InteractiveLogonRight のポリシー設定にマッピングした PAM サービ" +#~ "ス名" -#: src/tools/sss_groupmod.c:257 -msgid "Could not modify group - check if member group names are correct\n" -msgstr "" -"グループを変更できませんでした - メンバーグループ名が正しいかを確認してくださ" -"い\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " +#~ "policy settings" +#~ msgstr "" +#~ "GPO (Deny)RemoteInteractiveLogonRight のポリシー設定にマッピングした PAM " +#~ "サービス名" -#: src/tools/sss_groupmod.c:261 -msgid "Could not modify group - check if groupname is correct\n" -msgstr "" -"グループを変更できませんでした - グループ名が正しいかを確認してください\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)NetworkLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "GPO (Deny)NetworkLogonRight のポリシー設定にマッピングした PAM サービス名" -#: src/tools/sss_groupmod.c:265 -msgid "Transaction error. Could not modify group.\n" -msgstr "トランザクションエラー。グループを変更できませんでした。\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)BatchLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "GPO (Deny)BatchLogonRight のポリシー設定にマッピングした PAM サービス名" -#: src/tools/sss_groupshow.c:616 -msgid "Magic Private " -msgstr "マジックプライベート " +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)ServiceLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "(Deny)ServiceLogonRight のポリシー設定にマッピングした PAM サービス名" -#: src/tools/sss_groupshow.c:615 -#, c-format -msgid "%1$s%2$sGroup: %3$s\n" -msgstr "%1$s%2$s グループ: %3$s\n" +#~ msgid "PAM service names for which GPO-based access is always granted" +#~ msgstr "GPO ベースのアクセスが常に許可される PAM サービス名" -#: src/tools/sss_groupshow.c:618 -#, c-format -msgid "%1$sGID number: %2$d\n" -msgstr "%1$s GID 番号: %2$d\n" +#~ msgid "PAM service names for which GPO-based access is always denied" +#~ msgstr "GPO ベースのアクセスが常に拒否される PAM サービス名" -#: src/tools/sss_groupshow.c:620 -#, c-format -msgid "%1$sMember users: " -msgstr "%1$s メンバーユーザー: " +#~ msgid "" +#~ "Default logon right (or permit/deny) to use for unmapped PAM service names" +#~ msgstr "" +#~ "マッピングされていない PAM サービス名に使用するデフォルトのログオン権利 " +#~ "(または許可/拒否)" -#: src/tools/sss_groupshow.c:627 -#, c-format -msgid "" -"\n" -"%1$sIs a member of: " -msgstr "" -"\n" -"%1$s は次のメンバー: " +#~ msgid "a particular site to be used by the client" +#~ msgstr "クライアントが使用する特定のサイト" -#: src/tools/sss_groupshow.c:634 -#, c-format -msgid "" -"\n" -"%1$sMember groups: " -msgstr "" -"\n" -"%1$s メンバーグループ: " +#~ msgid "" +#~ "Maximum age in days before the machine account password should be renewed" +#~ msgstr "マシンアカウントのパスワードの更新が必要となるまでの最大日数" -#: src/tools/sss_groupshow.c:670 -msgid "Print indirect group members recursively" -msgstr "間接グループメンバーを再帰的に表示する" +#~ msgid "Option for tuning the machine account renewal task" +#~ msgstr "マシンアカウントの更新タスクをチューニングするオプション" -#: src/tools/sss_groupshow.c:704 -msgid "Specify group to show\n" -msgstr "表示するグループを指定してください\n" +#~ msgid "Kerberos server address" +#~ msgstr "Kerberos サーバーのアドレス" -#: src/tools/sss_groupshow.c:744 -msgid "" -"No such group in local domain. Printing groups only allowed in local " -"domain.\n" -msgstr "" -"そのようなグループはローカルドメインにありません。グループの表示はローカルド" -"メインにおいてのみ許可されます。\n" +#~ msgid "Kerberos backup server address" +#~ msgstr "Kerberos バックアップサーバーのアドレス" -#: src/tools/sss_groupshow.c:749 -msgid "Internal error. Could not print group.\n" -msgstr "内部エラー。グループを表示できませんでした。\n" +#~ msgid "Kerberos realm" +#~ msgstr "Kerberos レルム" -#: src/tools/sss_userdel.c:138 -msgid "Remove home directory and mail spool" -msgstr "ホームディレクトリーとメールスプールを削除する" +#~ msgid "Authentication timeout" +#~ msgstr "認証のタイムアウト" -#: src/tools/sss_userdel.c:140 -msgid "Do not remove home directory and mail spool" -msgstr "ホームディレクトリーとメールスプールを削除しない" +#~ msgid "Whether to create kdcinfo files" +#~ msgstr "kdcinfo ファイルを作成するかどうか" -#: src/tools/sss_userdel.c:142 -msgid "Force removal of files not owned by the user" -msgstr "ユーザーにより所有されていないファイルの強制削除" +#~ msgid "Where to drop krb5 config snippets" +#~ msgstr "krb5 設定スニペットを削除する場所" -#: src/tools/sss_userdel.c:144 -msgid "Kill users' processes before removing him" -msgstr "ユーザーを削除する前にそのユーザーのプロセスを強制停止する" +#~ msgid "Directory to store credential caches" +#~ msgstr "クレデンシャルのキャッシュを保存するディレクトリー" -#: src/tools/sss_userdel.c:190 -msgid "Specify user to delete\n" -msgstr "削除するユーザーを指定する\n" +#~ msgid "Location of the user's credential cache" +#~ msgstr "ユーザーのクレデンシャルキャッシュの位置" -#: src/tools/sss_userdel.c:236 -#, c-format -msgid "User %1$s is outside the defined ID range for domain\n" -msgstr "ユーザー %1$s はドメインに対して定義された ID の範囲を超えています\n" +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "クレデンシャルを検証するキーテーブルの場所" -#: src/tools/sss_userdel.c:261 -msgid "Cannot reset SELinux login context\n" -msgstr "SELinux ログインコンテキストをリセットできません\n" +#~ msgid "Enable credential validation" +#~ msgstr "クレデンシャルの検証を有効にする" -#: src/tools/sss_userdel.c:273 -#, c-format -msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" -msgstr "" -"警告: ユーザー (uid %1$lu) が削除されたときにまだログインしていました。\n" +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "" +#~ "後からオンライン認証するためにオフラインの場合にパスワードを保存します" -#: src/tools/sss_userdel.c:278 -msgid "Cannot determine if the user was logged in on this platform" -msgstr "" -"ユーザーがこのプラットフォームにログインしていたかを確認できませんでした" +#~ msgid "Renewable lifetime of the TGT" +#~ msgstr "更新可能な TGT の有効期間" -#: src/tools/sss_userdel.c:283 -msgid "Error while checking if the user was logged in\n" -msgstr "ユーザーがログインしていたかを確認中にエラーが発生しました\n" +#~ msgid "Lifetime of the TGT" +#~ msgstr "TGT の有効期間" -#: src/tools/sss_userdel.c:290 -#, c-format -msgid "The post-delete command failed: %1$s\n" -msgstr "削除後コマンドの実行に失敗しました: %1$s\n" +#~ msgid "Time between two checks for renewal" +#~ msgstr "更新を確認する間隔" -#: src/tools/sss_userdel.c:310 -msgid "Not removing home dir - not owned by user\n" -msgstr "" -"ホームディレクトリーを削除していません - ユーザーにより所有されていません\n" +#~ msgid "Enables FAST" +#~ msgstr "FAST を有効にする" -#: src/tools/sss_userdel.c:312 -#, c-format -msgid "Cannot remove homedir: %1$s\n" -msgstr "ホームディレクトリーを削除できません: %1$s\n" +#~ msgid "Selects the principal to use for FAST" +#~ msgstr "FAST に使用するプリンシパルを選択する" -#: src/tools/sss_userdel.c:326 -msgid "" -"No such user in local domain. Removing users only allowed in local domain.\n" -msgstr "" -"そのようなユーザーはローカルドメインにいません。ユーザーの削除はローカルドメ" -"インにおいてのみ許可されます。\n" +#~ msgid "Enables principal canonicalization" +#~ msgstr "プリンシパル正規化を有効にする" -#: src/tools/sss_userdel.c:331 -msgid "Internal error. Could not remove user.\n" -msgstr "内部エラー。ユーザーを削除できませんでした。\n" +#~ msgid "Enables enterprise principals" +#~ msgstr "エンタープライズ・プリンシパルの有効化" -#: src/tools/sss_usermod.c:49 -msgid "The GID of the user" -msgstr "ユーザーの GID" +#~ msgid "A mapping from user names to Kerberos principal names" +#~ msgstr "ユーザー名から Kerberos プリンシパル名までのマッピング" -#: src/tools/sss_usermod.c:53 -msgid "Groups to add this user to" -msgstr "このユーザーを追加するグループ" +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "KDC になければ、パスワード変更サービスが実行されているサーバー" -#: src/tools/sss_usermod.c:54 -msgid "Groups to remove this user from" -msgstr "このユーザーを削除するグループ" +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, LDAP サーバーの URI" -#: src/tools/sss_usermod.c:55 -msgid "Lock the account" -msgstr "アカウントをロックする" +#~ msgid "ldap_backup_uri, The URI of the LDAP server" +#~ msgstr "ldap_backup_uri, LDAP サーバーの URI" -#: src/tools/sss_usermod.c:56 -msgid "Unlock the account" -msgstr "アカウントをロック解除する" +#~ msgid "The default base DN" +#~ msgstr "デフォルトのベース DN" -#: src/tools/sss_usermod.c:57 -msgid "Add an attribute/value pair. The format is attrname=value." -msgstr "属性/値のペアを追加します。フォーマットは attrname=value です。" +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "LDAP サーバーにおいて使用中のスキーマ形式、rfc2307" -#: src/tools/sss_usermod.c:58 -msgid "Delete an attribute/value pair. The format is attrname=value." -msgstr "属性/値のペアを削除します。フォーマットは attrname=value です。" +#~ msgid "Mode used to change user password" +#~ msgstr "ユーザーのパスワードの変更にモードを使用しました" -#: src/tools/sss_usermod.c:59 -msgid "" -"Set an attribute to a name/value pair. The format is attrname=value. For " -"multi-valued attributes, the command replaces the values already present" -msgstr "" -"名前/値のペアに属性を指定します。形式は attrname=value です。複数の値を持つ属" -"性の場合、コマンドがすでに存在する値に置き換えられます。" +#~ msgid "The default bind DN" +#~ msgstr "デフォルトのバインド DN" -#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 -#: src/tools/sss_usermod.c:135 -msgid "Specify the attribute name/value pair(s)\n" -msgstr "属性の名前/値のペアを指定します\n" +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "デフォルトのバインド DN の認証トークンの種類" -#: src/tools/sss_usermod.c:152 -msgid "Specify user to modify\n" -msgstr "変更するユーザーを指定してください\n" +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "デフォルトのバインド DN の認証トークン" -#: src/tools/sss_usermod.c:180 -msgid "" -"Cannot find user in local domain, modifying users is allowed only in local " -"domain\n" -msgstr "" -"ローカルドメインにユーザーを見つけられません。ユーザーの変更はローカルドメイ" -"ンにおいてのみ許可されます。\n" +#~ msgid "Length of time to attempt connection" +#~ msgstr "接続を試行する時間" -#: src/tools/sss_usermod.c:322 -msgid "Could not modify user - check if group names are correct\n" -msgstr "" -"ユーザーを変更できませんでした - グループ名が正しいかを確認してください\n" +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "LDAP 同期操作を試行する時間" -#: src/tools/sss_usermod.c:326 -msgid "Could not modify user - user already member of groups?\n" -msgstr "" -"ユーザーを変更できませんでした - ユーザーはすでにグループのメンバーですか?\n" +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "オフラインの間に再接続を試行する時間" -#: src/tools/sss_usermod.c:330 -msgid "Transaction error. Could not modify user.\n" -msgstr "トランザクションエラー。ユーザーを変更できませんでした。\n" +#~ msgid "Use only the upper case for realm names" +#~ msgstr "レルム名に対して大文字のみを使用する" -#: src/tools/sss_cache.c:245 -msgid "No cache object matched the specified search\n" -msgstr "指定された検索に一致するキャッシュオブジェクトがありません\n" +#~ msgid "File that contains CA certificates" +#~ msgstr "CA 証明書を含むファイル" -#: src/tools/sss_cache.c:536 -#, c-format -msgid "Couldn't invalidate %1$s\n" -msgstr "%1$s を無効化できませんでした\n" +#~ msgid "Path to CA certificate directory" +#~ msgstr "CA 証明書のディレクトリーのパス" -#: src/tools/sss_cache.c:543 -#, c-format -msgid "Couldn't invalidate %1$s %2$s\n" -msgstr "%1$s %2$s を無効化できませんでした\n" +#~ msgid "File that contains the client certificate" +#~ msgstr "クライアント証明書を含むファイル" -#: src/tools/sss_cache.c:721 -msgid "Invalidate all cached entries" -msgstr "すべてのキャッシュエントリーを無効化します" +#~ msgid "File that contains the client key" +#~ msgstr "クライアントの鍵を含むファイル" -#: src/tools/sss_cache.c:723 -msgid "Invalidate particular user" -msgstr "特定のユーザーを無効にする" +#~ msgid "List of possible ciphers suites" +#~ msgstr "利用可能な暗号の一覧" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "TLS 証明書の検証を要求する" -#: src/tools/sss_cache.c:725 -msgid "Invalidate all users" -msgstr "すべてのユーザーを無効にする" +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "使用する SASL メカニズムを指定する" -#: src/tools/sss_cache.c:727 -msgid "Invalidate particular group" -msgstr "特定のグループを無効にする" +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "使用する SASL 認可 ID を指定する" -#: src/tools/sss_cache.c:729 -msgid "Invalidate all groups" -msgstr "すべてのグループを無効にする" +#~ msgid "Specify the sasl authorization realm to use" +#~ msgstr "使用する SASL 認可レルムを指定する" -#: src/tools/sss_cache.c:731 -msgid "Invalidate particular netgroup" -msgstr "特定のネットワークグループを無効にする" +#~ msgid "Specify the minimal SSF for LDAP sasl authorization" +#~ msgstr "LDAP SASL 認可の最小 SSF を指定する" -#: src/tools/sss_cache.c:733 -msgid "Invalidate all netgroups" -msgstr "すべてのネットワークグループを無効にする" +#~ msgid "Kerberos service keytab" +#~ msgstr "Kerberos サービスのキーテーブル" -#: src/tools/sss_cache.c:735 -msgid "Invalidate particular service" -msgstr "特定のサービスの無効化" +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "LDAP 接続に対して Kerberos 認証を使用する" -#: src/tools/sss_cache.c:737 -msgid "Invalidate all services" -msgstr "すべてのサービスの無効化" +#~ msgid "Follow LDAP referrals" +#~ msgstr "LDAP リフェラルにしたがう" -#: src/tools/sss_cache.c:740 -msgid "Invalidate particular autofs map" -msgstr "特定の autofs マップの無効化" +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "LDAP 接続の TGT の有効期間" -#: src/tools/sss_cache.c:742 -msgid "Invalidate all autofs maps" -msgstr "すべての autofs マップの無効化" +#~ msgid "How to dereference aliases" +#~ msgstr "エイリアスを参照解決する方法" -#: src/tools/sss_cache.c:746 -msgid "Invalidate particular SSH host" -msgstr "特定の SSH ホストを無効化します" +#~ msgid "Service name for DNS service lookups" +#~ msgstr "DNS サービス検索のサービス名" -#: src/tools/sss_cache.c:748 -msgid "Invalidate all SSH hosts" -msgstr "すべての SSH ホストを無効化します" +#~ msgid "The number of records to retrieve in a single LDAP query" +#~ msgstr "単一の LDAP クエリーにおいて取得するレコード数" -#: src/tools/sss_cache.c:752 -msgid "Invalidate particular sudo rule" -msgstr "特定の sudo ルールを無効化します" +#~ msgid "The number of members that must be missing to trigger a full deref" +#~ msgstr "完全な参照解決を引き起こすために欠けている必要があるメンバーの数" -#: src/tools/sss_cache.c:754 -msgid "Invalidate all cached sudo rules" -msgstr "すべてのキャッシュ sudo ルールを無効化します" +#~ msgid "" +#~ "Whether the LDAP library should perform a reverse lookup to canonicalize " +#~ "the host name during a SASL bind" +#~ msgstr "" +#~ "LDAP ライブラリーが SASL バインド中にホスト名を正規化するために逆引きを実" +#~ "行するかどうか" -#: src/tools/sss_cache.c:757 -msgid "Only invalidate entries from a particular domain" -msgstr "特定のドメインのみからエントリーを無効にする" +#~ msgid "entryUSN attribute" +#~ msgstr "entryUSN 属性" -#: src/tools/sss_cache.c:811 -msgid "" -"Unexpected argument(s) provided, options that invalidate a single object " -"only accept a single provided argument.\n" -msgstr "" -"予期しない引数が提供される場合、1 つのオブジェクトを無効化するオプションは、" -"提供された引数を 1 つだけ受け取ります。\n" +#~ msgid "lastUSN attribute" +#~ msgstr "lastUSN 属性" -#: src/tools/sss_cache.c:821 -msgid "Please select at least one object to invalidate\n" -msgstr "無効化するオブジェクトを少なくとも一つ選択してください\n" +#~ msgid "" +#~ "How long to retain a connection to the LDAP server before disconnecting" +#~ msgstr "LDAP サーバーを切断する前に接続を保持する時間" -#: src/tools/sss_cache.c:904 -#, c-format -msgid "" -"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " -"use fully qualified name instead of --domain/-d parameter.\n" -msgstr "" -"ドメイン %1$s を開けませんでした。ドメインがサブドメイン (信頼済みドメイン) " -"であれば、--domain/-d パラメーターの代わりに完全修飾名を使用してください。\n" +#~ msgid "Disable the LDAP paging control" +#~ msgstr "LDAP ページング制御を無効化する" -#: src/tools/sss_cache.c:909 -msgid "Could not open available domains\n" -msgstr "利用可能なドメインを開けませんでした\n" +#~ msgid "Disable Active Directory range retrieval" +#~ msgstr "Active Directory 範囲の取得の無効化" -#: src/tools/tools_util.c:202 -#, c-format -msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" -msgstr "" -"名前 '%1$s' が FQDN であるように見えません ('%2$s = TRUE' が設定されます)\n" +#~ msgid "Length of time to wait for a search request" +#~ msgstr "検索要求を待つ時間" -#: src/tools/tools_util.c:309 -msgid "Out of memory\n" -msgstr "メモリー不足\n" +#~ msgid "Length of time to wait for a enumeration request" +#~ msgstr "列挙の要求を待つ時間" -#: src/tools/tools_util.h:40 -#, c-format -msgid "%1$s must be run as root\n" -msgstr "%1$s は root として実行する必要があります\n" +#~ msgid "Length of time between enumeration updates" +#~ msgstr "列挙の更新間隔" -#: src/tools/sssctl/sssctl.c:35 -msgid "yes" -msgstr "はい" +#~ msgid "Length of time between cache cleanups" +#~ msgstr "キャッシュをクリーンアップする間隔" -#: src/tools/sssctl/sssctl.c:37 -msgid "no" -msgstr "いいえ" +#~ msgid "Require TLS for ID lookups" +#~ msgstr "ID 検索に TLS を要求する" -#: src/tools/sssctl/sssctl.c:39 -msgid "error" -msgstr "エラー" +#~ msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#~ msgstr "事前設定済み ID の代わりに objectSID の ID マッピングを使用します" -#: src/tools/sssctl/sssctl.c:42 -msgid "Invalid result." -msgstr "無効な結果。" +#~ msgid "Base DN for user lookups" +#~ msgstr "ユーザー検索のベース DN" -#: src/tools/sssctl/sssctl.c:78 -msgid "Unable to read user input\n" -msgstr "ユーザーインプットの読み込みができませんでした\n" +#~ msgid "Scope of user lookups" +#~ msgstr "ユーザー検索の範囲" -#: src/tools/sssctl/sssctl.c:91 -#, c-format -msgid "Invalid input, please provide either '%s' or '%s'.\n" -msgstr "" -"無効なインプットです。'%s' または '%s' のいずれかを提供してください。\n" +#~ msgid "Filter for user lookups" +#~ msgstr "ユーザー検索のフィルター" -#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 -msgid "Error while executing external command\n" -msgstr "外部のコマンドを実行中にエラーが発生しました\n" +#~ msgid "Objectclass for users" +#~ msgstr "ユーザーのオブジェクトクラス" -#: src/tools/sssctl/sssctl.c:156 -msgid "SSSD needs to be running. Start SSSD now?" -msgstr "SSSD を実行する必要があります。SSSD をすぐに実行しますか?" +#~ msgid "Username attribute" +#~ msgstr "ユーザー名の属性" -#: src/tools/sssctl/sssctl.c:195 -msgid "SSSD must not be running. Stop SSSD now?" -msgstr "SSSD を実行してはいけません。SSSD を今、停止しますか?" +#~ msgid "UID attribute" +#~ msgstr "UID の属性" -#: src/tools/sssctl/sssctl.c:231 -msgid "SSSD needs to be restarted. Restart SSSD now?" -msgstr "SSSD は再起動が必要です。SSSD を今、再起動しますか?" +#~ msgid "Primary GID attribute" +#~ msgstr "プライマリー GID の属性" -#: src/tools/sssctl/sssctl_cache.c:31 -#, c-format -msgid " %s is not present in cache.\n" -msgstr " %s はキャッシュにありません\n" +#~ msgid "GECOS attribute" +#~ msgstr "GECOS の属性" -#: src/tools/sssctl/sssctl_cache.c:33 -msgid "Name" -msgstr "名前" +#~ msgid "Home directory attribute" +#~ msgstr "ホームディレクトリーの属性" -#: src/tools/sssctl/sssctl_cache.c:34 -msgid "Cache entry creation date" -msgstr "キャッシュエントリーの作成日" +#~ msgid "Shell attribute" +#~ msgstr "シェルの属性" -#: src/tools/sssctl/sssctl_cache.c:35 -msgid "Cache entry last update time" -msgstr "キャッシュエントリーが最後に更新された時間" +#~ msgid "UUID attribute" +#~ msgstr "UUID 属性" -#: src/tools/sssctl/sssctl_cache.c:36 -msgid "Cache entry expiration time" -msgstr "キャッシュエントリーの期限切れ時間" +#~ msgid "objectSID attribute" +#~ msgstr "objectSID 属性" -#: src/tools/sssctl/sssctl_cache.c:37 -msgid "Cached in InfoPipe" -msgstr "InfoPipe にキャッシュ" +#~ msgid "Active Directory primary group attribute for ID-mapping" +#~ msgstr "ID マッピングの Active Directory プライマリーグループ属性" -#: src/tools/sssctl/sssctl_cache.c:522 -#, c-format -msgid "Error: Unable to get object [%d]: %s\n" -msgstr "エラー: オブジェクト [%d] を取得できません: %s\n" +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "ユーザープリンシパルの属性(Kerberos 用)" -#: src/tools/sssctl/sssctl_cache.c:538 -#, c-format -msgid "%s: Unable to read value [%d]: %s\n" -msgstr "%s: 値 [%d] の読み込みができません: %s\n" +#~ msgid "Full Name" +#~ msgstr "氏名" -#: src/tools/sssctl/sssctl_cache.c:566 -msgid "Specify name." -msgstr "名前を指定します。" +#~ msgid "memberOf attribute" +#~ msgstr "memberOf 属性" -#: src/tools/sssctl/sssctl_cache.c:576 -#, c-format -msgid "Unable to parse name %s.\n" -msgstr "名前 %s を構文解析できません。\n" +#~ msgid "Modification time attribute" +#~ msgstr "変更日時の属性" -#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 -msgid "Search by SID" -msgstr "SID で検索" +#~ msgid "shadowLastChange attribute" +#~ msgstr "shadowLastChange 属性" -#: src/tools/sssctl/sssctl_cache.c:603 -msgid "Search by user ID" -msgstr "ユーザーID で検索" +#~ msgid "shadowMin attribute" +#~ msgstr "shadowMin 属性" -#: src/tools/sssctl/sssctl_cache.c:612 -msgid "Initgroups expiration time" -msgstr "Initgroups の期限切れ時間" +#~ msgid "shadowMax attribute" +#~ msgstr "shadowMax 属性" -#: src/tools/sssctl/sssctl_cache.c:650 -msgid "Search by group ID" -msgstr "グループ ID で検索" +#~ msgid "shadowWarning attribute" +#~ msgstr "shadowWarning 属性" -#: src/tools/sssctl/sssctl_config.c:70 -#, fuzzy, c-format -msgid "Failed to open %s\n" -msgstr "名前 %s を構文解析できません。\n" +#~ msgid "shadowInactive attribute" +#~ msgstr "shadowInactive 属性" -#: src/tools/sssctl/sssctl_config.c:75 -#, fuzzy, c-format -msgid "File %1$s does not exist.\n" -msgstr "SSSD ソケットは存在しません。" +#~ msgid "shadowExpire attribute" +#~ msgstr "shadowExpire 属性" -#: src/tools/sssctl/sssctl_config.c:79 -msgid "" -"File ownership and permissions check failed. Expected root:root and 0600.\n" -msgstr "" -"ファイルの所有権とパーミッションの確認に失敗しました。予期される root:root お" -"よび 0600。\n" +#~ msgid "shadowFlag attribute" +#~ msgstr "shadowFlag 属性" -#: src/tools/sssctl/sssctl_config.c:85 -#, c-format -msgid "Failed to load configuration configuration from %s.\n" -msgstr "" +#~ msgid "Attribute listing authorized PAM services" +#~ msgstr "認可された PAM サービスを一覧化する属性" -#: src/tools/sssctl/sssctl_config.c:91 -msgid "Error while reading configuration directory.\n" -msgstr "" +#~ msgid "Attribute listing authorized server hosts" +#~ msgstr "認可されたサーバーホストを一覧化する属性" -#: src/tools/sssctl/sssctl_config.c:99 -#, fuzzy -msgid "" -"There is no configuration. SSSD will use default configuration with files " -"provider.\n" -msgstr "" -"ファイル %1$s は存在しません。SSSD は、ファイルプロバイダーでデフォルトの設定" -"を使用します。\n" +#~ msgid "Attribute listing authorized server rhosts" +#~ msgstr "認可されたサーバー rhosts を一覧化する属性" -#: src/tools/sssctl/sssctl_config.c:111 -msgid "Failed to run validators" -msgstr "" +#~ msgid "krbLastPwdChange attribute" +#~ msgstr "krbLastPwdChange 属性" -#: src/tools/sssctl/sssctl_config.c:115 -#, c-format -msgid "Issues identified by validators: %zu\n" -msgstr "バリデーターで特定された問題: %zu\n" +#~ msgid "krbPasswordExpiration attribute" +#~ msgstr "krbPasswordExpiration 属性" -#: src/tools/sssctl/sssctl_config.c:126 -#, c-format -msgid "Messages generated during configuration merging: %zu\n" -msgstr "設定のマージ中に生成されたメッセージ: %zu\n" +#~ msgid "Attribute indicating that server side password policies are active" +#~ msgstr "サーバー側パスワードポリシーが有効であることを意味する属性" -#: src/tools/sssctl/sssctl_config.c:137 -#, fuzzy, c-format -msgid "Used configuration snippet files: %zu\n" -msgstr "設定スニペットファイルを使用: %u\n" +#~ msgid "accountExpires attribute of AD" +#~ msgstr "AD の accountExpires 属性" -#: src/tools/sssctl/sssctl_data.c:89 -#, c-format -msgid "Unable to create backup directory [%d]: %s" -msgstr "バックアップディレクトリー [%d] の作成に失敗: %s" +#~ msgid "userAccountControl attribute of AD" +#~ msgstr "AD の userAccountControl 属性" -#: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exists, override?" -msgstr "" -"ローカルデータの SSSD バックアップはすでに存在しますが、上書きしますか?" +#~ msgid "nsAccountLock attribute" +#~ msgstr "nsAccountLock 属性" -#: src/tools/sssctl/sssctl_data.c:111 -msgid "Unable to export user overrides\n" -msgstr "ユーザーの上書きをエクスポートできません\n" +#~ msgid "loginDisabled attribute of NDS" +#~ msgstr "NDS の loginDisabled 属性" -#: src/tools/sssctl/sssctl_data.c:118 -msgid "Unable to export group overrides\n" -msgstr "グループの上書きをエクスポートできません\n" +#~ msgid "loginExpirationTime attribute of NDS" +#~ msgstr "NDS の loginExpirationTime 属性" -#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 -msgid "Override existing backup" -msgstr "既存のバックアップを上書き" +#~ msgid "loginAllowedTimeMap attribute of NDS" +#~ msgstr "NDS の loginAllowedTimeMap 属性" -#: src/tools/sssctl/sssctl_data.c:164 -msgid "Unable to import user overrides\n" -msgstr "ユーザーの上書きをインポートできません\n" +#~ msgid "SSH public key attribute" +#~ msgstr "SSH 公開鍵の属性" -#: src/tools/sssctl/sssctl_data.c:173 -msgid "Unable to import group overrides\n" -msgstr "グループの上書きをインポートできません\n" +#~ msgid "attribute listing allowed authentication types for a user" +#~ msgstr "ユーザー用に許可された認証タイプを一覧化する属性" -#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 -#: src/tools/sssctl/sssctl_domains.c:328 -msgid "Start SSSD if it is not running" -msgstr "実行中でない場合、SSSD を開始します" +#~ msgid "attribute containing the X509 certificate of the user" +#~ msgstr "ユーザーの X509 証明書を含む属性" -#: src/tools/sssctl/sssctl_data.c:195 -msgid "Restart SSSD after data import" -msgstr "データのインポートの後、SSSD を再起動します" +#~ msgid "attribute containing the email address of the user" +#~ msgstr "ユーザーの電子メールアドレスを含む属性" -#: src/tools/sssctl/sssctl_data.c:218 -msgid "Create clean cache files and import local data" -msgstr "クリーンなキャッシュファイルを作成し、ローカルデータをインポートします" +#~ msgid "A list of extra attributes to download along with the user entry" +#~ msgstr "ユーザーエントリーと共にダウンロードする追加的な属性の一覧" -#: src/tools/sssctl/sssctl_data.c:219 -msgid "Stop SSSD before removing the cache" -msgstr "キャッシュを削除する前に SSSD を停止します" +#~ msgid "Base DN for group lookups" +#~ msgstr "グループ検索のベース DN" -#: src/tools/sssctl/sssctl_data.c:220 -msgid "Start SSSD when the cache is removed" -msgstr "キャッシュの削除後に SSSD を開始します" +#~ msgid "Objectclass for groups" +#~ msgstr "グループのオブジェクトクラス" -#: src/tools/sssctl/sssctl_data.c:235 -msgid "Creating backup of local data...\n" -msgstr "ローカルデータのバックアップを作成中...\n" +#~ msgid "Group name" +#~ msgstr "グループ名" -#: src/tools/sssctl/sssctl_data.c:238 -msgid "Unable to create backup of local data, can not remove the cache.\n" -msgstr "" -"ローカルデータのバックアップの作成ができません。キャッシュを削除できませ" -"ん。\n" +#~ msgid "Group password" +#~ msgstr "グループのパスワード" -#: src/tools/sssctl/sssctl_data.c:243 -msgid "Removing cache files...\n" -msgstr "キャッシュファイルの削除中...\n" +#~ msgid "GID attribute" +#~ msgstr "GID 属性" -#: src/tools/sssctl/sssctl_data.c:246 -msgid "Unable to remove cache files\n" -msgstr "キャッシュファイルを削除できません\n" +#~ msgid "Group member attribute" +#~ msgstr "グループメンバー属性" -#: src/tools/sssctl/sssctl_data.c:251 -msgid "Restoring local data...\n" -msgstr "ローカルデータの復元中...\n" +#~ msgid "Group UUID attribute" +#~ msgstr "グループ UUID 属性" -#: src/tools/sssctl/sssctl_domains.c:83 -msgid "Show domain list including primary or trusted domain type" -msgstr "" -"プライマリーまたは信頼されたドメインタイプを含むドメインリストを表示します" +#~ msgid "Modification time attribute for groups" +#~ msgstr "グループの変更日時の属性" -#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 -#: src/tools/sssctl/sssctl_user_checks.c:95 -msgid "Unable to connect to system bus!\n" -msgstr "システムバスに接続できません!\n" +#~ msgid "Type of the group and other flags" +#~ msgstr "グループおよび他のフラグのタイプ" + +#~ msgid "The LDAP group external member attribute" +#~ msgstr "LDAP グループの外部メンバーの属性" + +#~ msgid "Maximum nesting level SSSD will follow" +#~ msgstr "SSSD が従う最大ネストレベル" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Online" -msgstr "オンライン" +#~ msgid "Base DN for netgroup lookups" +#~ msgstr "ネットグループ検索のベース DN" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Offline" -msgstr "オフライン" +#~ msgid "Objectclass for netgroups" +#~ msgstr "ネットグループのオブジェクトクラス" -#: src/tools/sssctl/sssctl_domains.c:167 -#, c-format -msgid "Online status: %s\n" -msgstr "オンライン状態: %s\n" +#~ msgid "Netgroup name" +#~ msgstr "ネットグループ名" -#: src/tools/sssctl/sssctl_domains.c:213 -#, fuzzy -msgid "This domain has no active servers.\n" -msgstr "アクティブサーバーに関する情報の表示" +#~ msgid "Netgroups members attribute" +#~ msgstr "ネットグループメンバーの属性" -#: src/tools/sssctl/sssctl_domains.c:218 -msgid "Active servers:\n" -msgstr "アクティブサーバー:\n" +#~ msgid "Netgroup triple attribute" +#~ msgstr "ネットグループの三つ組の属性" -#: src/tools/sssctl/sssctl_domains.c:230 -msgid "not connected" -msgstr "接続していません" +#~ msgid "Modification time attribute for netgroups" +#~ msgstr "ネットグループの変更日時の属性" -#: src/tools/sssctl/sssctl_domains.c:267 -msgid "No servers discovered.\n" -msgstr "" +#~ msgid "Base DN for service lookups" +#~ msgstr "サービス検索のベース DN" -#: src/tools/sssctl/sssctl_domains.c:273 -#, c-format -msgid "Discovered %s servers:\n" -msgstr "%s サーバーを発見:\n" +#~ msgid "Objectclass for services" +#~ msgstr "サービスのオブジェクトクラス" -#: src/tools/sssctl/sssctl_domains.c:285 -msgid "None so far.\n" -msgstr "今のところありません。\n" +#~ msgid "Service name attribute" +#~ msgstr "サービス名の属性" -#: src/tools/sssctl/sssctl_domains.c:325 -msgid "Show online status" -msgstr "オンライン状態を表示" +#~ msgid "Service port attribute" +#~ msgstr "サービスポートの属性" -#: src/tools/sssctl/sssctl_domains.c:326 -msgid "Show information about active server" -msgstr "アクティブサーバーに関する情報の表示" +#~ msgid "Service protocol attribute" +#~ msgstr "サービスプロトコルの属性" -#: src/tools/sssctl/sssctl_domains.c:327 -msgid "Show list of discovered servers" -msgstr "発見されたサーバーに関する一覧を表示" +#~ msgid "Lower bound for ID-mapping" +#~ msgstr "ID マッピングの下限" -#: src/tools/sssctl/sssctl_domains.c:333 -msgid "Specify domain name." -msgstr "ドメイン名を指定します。" +#~ msgid "Upper bound for ID-mapping" +#~ msgstr "ID マッピングの上限" -#: src/tools/sssctl/sssctl_domains.c:355 -msgid "Out of memory!\n" -msgstr "メモリの空き容量がありません。\n" +#~ msgid "Number of IDs for each slice when ID-mapping" +#~ msgstr "ID マッピングするとき、各スライスに対する ID の数" -#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 -msgid "Unable to get online status\n" -msgstr "オンライン状態を取得できません\n" +#~ msgid "Use autorid-compatible algorithm for ID-mapping" +#~ msgstr "ID マッピングに対する autorid 互換アルゴリズムを使用します" -#: src/tools/sssctl/sssctl_domains.c:395 -msgid "Unable to get server list\n" -msgstr "サーバー一覧を取得できません\n" +#~ msgid "Name of the default domain for ID-mapping" +#~ msgstr "ID マッピングに対するデフォルトドメインの名前" -#: src/tools/sssctl/sssctl_logs.c:47 -msgid "\n" -msgstr "\n" +#~ msgid "SID of the default domain for ID-mapping" +#~ msgstr "ID マッピングに対するデフォルトドメインの SID" -#: src/tools/sssctl/sssctl_logs.c:237 -msgid "Delete log files instead of truncating" -msgstr "切り捨てる代わりにログファイルを削除します" +#~ msgid "Number of secondary slices" +#~ msgstr "セカンダリースライスの数" -#: src/tools/sssctl/sssctl_logs.c:248 -msgid "Deleting log files...\n" -msgstr "ログファイルを削除中...\n" +#~ msgid "Whether to use Token-Groups" +#~ msgstr "Token-Group を使うかどうか" -#: src/tools/sssctl/sssctl_logs.c:251 -msgid "Unable to remove log files\n" -msgstr "ログファイルを削除できません\n" +#~ msgid "Set lower boundary for allowed IDs from the LDAP server" +#~ msgstr "LDAP サーバーから許可される ID の下限の設定" -#: src/tools/sssctl/sssctl_logs.c:257 -msgid "Truncating log files...\n" -msgstr "ログファイルを切り捨てます...\n" +#~ msgid "Set upper boundary for allowed IDs from the LDAP server" +#~ msgstr "LDAP サーバーから許可される ID の上限の設定" -#: src/tools/sssctl/sssctl_logs.c:260 -msgid "Unable to truncate log files\n" -msgstr "ログファイルの切り捨てができません\n" +#~ msgid "DN for ppolicy queries" +#~ msgstr "ppolicy クエリーの DN" -#: src/tools/sssctl/sssctl_logs.c:286 -msgid "Out of memory!" -msgstr "メモリの空き容量がありません。" +#~ msgid "How many maximum entries to fetch during a wildcard request" +#~ msgstr "ワイルドカードの要求の間に取得する最大エントリーの数" -#: src/tools/sssctl/sssctl_logs.c:289 -#, c-format -msgid "Archiving log files into %s...\n" -msgstr "ログファイルを %s へアーカイブ...\n" +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "パスワード失効の評価のポリシー" -#: src/tools/sssctl/sssctl_logs.c:292 -msgid "Unable to archive log files\n" -msgstr "ログファイルのアーカイブができません\n" +#~ msgid "Which attributes shall be used to evaluate if an account is expired" +#~ msgstr "どの属性がアカウントが失効しているかを評価するために使用されるか" -#: src/tools/sssctl/sssctl_logs.c:317 -msgid "Specify debug level you want to set" -msgstr "設定したいデバッグレベルを指定します" +#~ msgid "Which rules should be used to evaluate access control" +#~ msgstr "どのルールがアクセス制御を評価するために使用されるか" -#: src/tools/sssctl/sssctl_user_checks.c:117 -msgid "SSSD InfoPipe user lookup result:\n" -msgstr "SSSD InfoPipe ユーザー検索の結果:\n" +#~ msgid "URI of an LDAP server where password changes are allowed" +#~ msgstr "パスワードの変更が許可される LDAP サーバーの URI" -#: src/tools/sssctl/sssctl_user_checks.c:167 -#, c-format -msgid "dlopen failed with [%s].\n" -msgstr "dlopen は [%s] で失敗しました。\n" +#~ msgid "URI of a backup LDAP server where password changes are allowed" +#~ msgstr "パスワードの変更が許可されるバックアップ LDAP サーバーの URI" -#: src/tools/sssctl/sssctl_user_checks.c:174 -#, c-format -msgid "dlsym failed with [%s].\n" -msgstr "dlsym は [%s] で失敗しました。\n" +#~ msgid "DNS service name for LDAP password change server" +#~ msgstr "LDAP パスワードの変更サーバーの DNS サービス名" -#: src/tools/sssctl/sssctl_user_checks.c:182 -msgid "malloc failed.\n" -msgstr "malloc は失敗しました。\n" +#~ msgid "" +#~ "Whether to update the ldap_user_shadow_last_change attribute after a " +#~ "password change" +#~ msgstr "" +#~ "パスワード変更後 ldap_user_shadow_last_change 属性を更新するかどうか" -#: src/tools/sssctl/sssctl_user_checks.c:189 -#, c-format -msgid "sss_getpwnam_r failed with [%d].\n" -msgstr "sss_getpwnam_r が [%d] で失敗しました。\n" +#~ msgid "Base DN for sudo rules lookups" +#~ msgstr "sudo ルール検索のベース DN" -#: src/tools/sssctl/sssctl_user_checks.c:194 -msgid "SSSD nss user lookup result:\n" -msgstr "SSSD nss ユーザー検索の結果:\n" +#~ msgid "Automatic full refresh period" +#~ msgstr "自動的な完全更新間隔" -#: src/tools/sssctl/sssctl_user_checks.c:195 -#, c-format -msgid " - user name: %s\n" -msgstr " - user name: %s\n" +#~ msgid "Automatic smart refresh period" +#~ msgstr "自動的なスマート更新間隔" -#: src/tools/sssctl/sssctl_user_checks.c:196 -#, c-format -msgid " - user id: %d\n" -msgstr " - user id: %d\n" +#~ msgid "Whether to filter rules by hostname, IP addresses and network" +#~ msgstr "" +#~ "ホスト名、IP アドレスおよびネットワークによるフィルタールールを使用するか" +#~ "どうか" -#: src/tools/sssctl/sssctl_user_checks.c:197 -#, c-format -msgid " - group id: %d\n" -msgstr " - group id: %d\n" +#~ msgid "" +#~ "Hostnames and/or fully qualified domain names of this machine to filter " +#~ "sudo rules" +#~ msgstr "" +#~ "sudo ルールをフィルターするこのマシンのホスト名および/または完全修飾ドメイ" +#~ "ン名" -#: src/tools/sssctl/sssctl_user_checks.c:198 -#, c-format -msgid " - gecos: %s\n" -msgstr " - gecos: %s\n" +#~ msgid "" +#~ "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +#~ msgstr "" +#~ "sudo ルールをフィルターするこのマシンの IPv4 または IPv6 アドレスまたは" +#~ "ネットワーク" -#: src/tools/sssctl/sssctl_user_checks.c:199 -#, c-format -msgid " - home directory: %s\n" -msgstr " - home directory: %s\n" +#~ msgid "Whether to include rules that contains netgroup in host attribute" +#~ msgstr "ホスト属性にネットワークグループを含むルールを含めるかどうか" -#: src/tools/sssctl/sssctl_user_checks.c:200 -#, c-format -msgid "" -" - shell: %s\n" -"\n" -msgstr "" -" - shell: %s\n" -"\n" +#~ msgid "" +#~ "Whether to include rules that contains regular expression in host " +#~ "attribute" +#~ msgstr "ホスト属性に正規表現を含むルールを含めるかどうか" -#: src/tools/sssctl/sssctl_user_checks.c:232 -msgid "PAM action [auth|acct|setc|chau|open|clos], default: " -msgstr "PAM アクション [auth|acct|setc|chau|open|clos]、デフォルト: " +#~ msgid "Object class for sudo rules" +#~ msgstr "sudo ルールのオブジェクトクラス" -#: src/tools/sssctl/sssctl_user_checks.c:235 -msgid "PAM service, default: " -msgstr "PAM サービス、デフォルト: " +#~ msgid "Name of attribute that is used as object class for sudo rules" +#~ msgstr "sudo ルールのオブジェクトクラスとして使用される属性の名前" -#: src/tools/sssctl/sssctl_user_checks.c:240 -msgid "Specify user name." -msgstr "ユーザー名を指定します。" +#~ msgid "Sudo rule name" +#~ msgstr "sudo ルール名" -#: src/tools/sssctl/sssctl_user_checks.c:247 -#, c-format -msgid "" -"user: %s\n" -"action: %s\n" -"service: %s\n" -"\n" -msgstr "" -"ユーザー: %s\n" -"アクション: %s\n" -"サービス: %s\n" -"\n" +#~ msgid "Sudo rule command attribute" +#~ msgstr "sudo ルールのコマンドの属性" -#: src/tools/sssctl/sssctl_user_checks.c:252 -#, c-format -msgid "User name lookup with [%s] failed.\n" -msgstr "[%s] でのユーザー名の検索に失敗しました。\n" +#~ msgid "Sudo rule host attribute" +#~ msgstr "sudo ルールのホストの属性" -#: src/tools/sssctl/sssctl_user_checks.c:257 -#, c-format -msgid "InfoPipe User lookup with [%s] failed.\n" -msgstr "[%s] での InfoPipe ユーザーの検索に失敗しました。\n" +#~ msgid "Sudo rule user attribute" +#~ msgstr "sudo ルールのユーザーの属性" -#: src/tools/sssctl/sssctl_user_checks.c:263 -#, c-format -msgid "pam_start failed: %s\n" -msgstr "pam_start に失敗しました: %s\n" +#~ msgid "Sudo rule option attribute" +#~ msgstr "sudo ルールのオプションの属性" -#: src/tools/sssctl/sssctl_user_checks.c:268 -msgid "" -"testing pam_authenticate\n" -"\n" -msgstr "" -"pam_authenticate のテスト中\n" -"\n" +#~ msgid "Sudo rule runas attribute" +#~ msgstr "sudo ルールの runas の属性" -#: src/tools/sssctl/sssctl_user_checks.c:272 -#, c-format -msgid "pam_get_item failed: %s\n" -msgstr "pam_get_item に失敗しました: %s\n" +#~ msgid "Sudo rule runasuser attribute" +#~ msgstr "sudo ルールの runasuser の属性" -#: src/tools/sssctl/sssctl_user_checks.c:275 -#, c-format -msgid "" -"pam_authenticate for user [%s]: %s\n" -"\n" -msgstr "" -"ユーザー [%s] 向けの pam_authenticate: %s\n" -"\n" +#~ msgid "Sudo rule runasgroup attribute" +#~ msgstr "sudo ルールの runasgroup の属性" -#: src/tools/sssctl/sssctl_user_checks.c:278 -msgid "" -"testing pam_chauthtok\n" -"\n" -msgstr "" -"pam_chauthtok のテスト中\n" -"\n" +#~ msgid "Sudo rule notbefore attribute" +#~ msgstr "sudo ルールの notbefore の属性" -#: src/tools/sssctl/sssctl_user_checks.c:280 -#, c-format -msgid "" -"pam_chauthtok: %s\n" -"\n" -msgstr "" -"pam_chauthtok: %s\n" -"\n" +#~ msgid "Sudo rule notafter attribute" +#~ msgstr "sudo ルールの notafter の属性" -#: src/tools/sssctl/sssctl_user_checks.c:282 -msgid "" -"testing pam_acct_mgmt\n" -"\n" -msgstr "pam_acct_mgmt のテスト中\n" +#~ msgid "Sudo rule order attribute" +#~ msgstr "sudo ルールの order の属性" -#: src/tools/sssctl/sssctl_user_checks.c:284 -#, c-format -msgid "" -"pam_acct_mgmt: %s\n" -"\n" -msgstr "" -"pam_acct_mgmt: %s\n" -"\n" +#~ msgid "Object class for automounter maps" +#~ msgstr "automounter マップのオブジェクトクラス" -#: src/tools/sssctl/sssctl_user_checks.c:286 -msgid "" -"testing pam_setcred\n" -"\n" -msgstr "" -"pam_setcred のテスト中\n" -"\n" +#~ msgid "Automounter map name attribute" +#~ msgstr "オートマウントのマップ名の属性" -#: src/tools/sssctl/sssctl_user_checks.c:288 -#, c-format -msgid "" -"pam_setcred: [%s]\n" -"\n" -msgstr "" -"pam_setcred: [%s]\n" -"\n" +#~ msgid "Object class for automounter map entries" +#~ msgstr "automounter マップエントリーのオブジェクトクラス" -#: src/tools/sssctl/sssctl_user_checks.c:290 -msgid "" -"testing pam_open_session\n" -"\n" -msgstr "pam_open_session のテスト中\n" +#~ msgid "Automounter map entry key attribute" +#~ msgstr "automounter マップエントリーの鍵属性" -#: src/tools/sssctl/sssctl_user_checks.c:292 -#, c-format -msgid "" -"pam_open_session: %s\n" -"\n" -msgstr "" -"pam_open_session: %s\n" -"\n" +#~ msgid "Automounter map entry value attribute" +#~ msgstr "automounter マップエントリーの値属性" -#: src/tools/sssctl/sssctl_user_checks.c:294 -msgid "" -"testing pam_close_session\n" -"\n" -msgstr "pam_close_session のテスト中\n" +#~ msgid "Base DN for automounter map lookups" +#~ msgstr "automonter のマップ検索のベース DN" -#: src/tools/sssctl/sssctl_user_checks.c:296 -#, c-format -msgid "" -"pam_close_session: %s\n" -"\n" -msgstr "" -"pam_close_session: %s\n" -"\n" +#~ msgid "Comma separated list of allowed users" +#~ msgstr "許可ユーザーのカンマ区切り一覧" -#: src/tools/sssctl/sssctl_user_checks.c:298 -msgid "unknown action\n" -msgstr "不明なアクション\n" +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "禁止ユーザーのカンマ区切り一覧" -#: src/tools/sssctl/sssctl_user_checks.c:301 -msgid "PAM Environment:\n" -msgstr "PAM 環境:\n" +#~ msgid "Default shell, /bin/bash" +#~ msgstr "デフォルトのシェル, /bin/bash" -#: src/tools/sssctl/sssctl_user_checks.c:309 -msgid " - no env -\n" -msgstr " - no env -\n" +#~ msgid "Base for home directories" +#~ msgstr "ホームディレクトリーのベース" -#: src/util/util.h:82 -msgid "The user ID to run the server as" -msgstr "次のようにサーバーを実行するユーザー ID" +#~ msgid "The number of preforked proxy children." +#~ msgstr "事前にフォークされた子プロキシーの数。" -#: src/util/util.h:84 -msgid "The group ID to run the server as" -msgstr "次のようにサーバーを実行するグループ ID" +#~ msgid "The name of the NSS library to use" +#~ msgstr "使用する NSS ライブラリーの名前" -#: src/util/util.h:92 -msgid "Informs that the responder has been socket-activated" -msgstr "レスポンダーがソケットでアクティベートされたと知らせます" +#~ msgid "Whether to look up canonical group name from cache if possible" +#~ msgstr "可能ならばキャッシュから正規化されたグループ名を検索するかどうか" -#: src/util/util.h:94 -msgid "Informs that the responder has been dbus-activated" -msgstr "レスポンダーが dbus でアクティベートされたと知らせます" +#~ msgid "PAM stack to use" +#~ msgstr "使用する PAM スタック" + +#~ msgid "Path of passwd file sources." +#~ msgstr "passwd ファイルソースへのパス" + +#~ msgid "Path of group file sources." +#~ msgstr "グループファイルソースへのパス" diff --git a/po/nb.po b/po/nb.po index 4b616074d6..f2a726dd44 100644 --- a/po/nb.po +++ b/po/nb.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:46+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Norwegian Bokmål (http://www.transifex.com/projects/p/sssd/" @@ -20,1535 +20,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "SSSD-tjenester som skal startes" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "SSSD-domener som skal startes" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Tidsavbrudd for meldinger som sendes over SBUS" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Identitetstilbyder" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Autentiseringstilbyder" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Tilgangskontrolltilbyder" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Passordbyttetilbyder" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Minste bruker-ID" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Største bruker-ID" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA-domene" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "IPA-tjeneradresse" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "Vertsnavn for IPA-klient" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Tjeneradresse for Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Kerberos-område" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Tidsavbrudd for autentisering" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1588,7 +108,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2401,7 +921,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2578,44 +1098,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2824,3 +1344,48 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "SSSD Services to start" +#~ msgstr "SSSD-tjenester som skal startes" + +#~ msgid "SSSD Domains to start" +#~ msgstr "SSSD-domener som skal startes" + +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Tidsavbrudd for meldinger som sendes over SBUS" + +#~ msgid "Identity provider" +#~ msgstr "Identitetstilbyder" + +#~ msgid "Authentication provider" +#~ msgstr "Autentiseringstilbyder" + +#~ msgid "Access control provider" +#~ msgstr "Tilgangskontrolltilbyder" + +#~ msgid "Password change provider" +#~ msgstr "Passordbyttetilbyder" + +#~ msgid "Minimum user ID" +#~ msgstr "Minste bruker-ID" + +#~ msgid "Maximum user ID" +#~ msgstr "Største bruker-ID" + +#~ msgid "IPA domain" +#~ msgstr "IPA-domene" + +#~ msgid "IPA server address" +#~ msgstr "IPA-tjeneradresse" + +#~ msgid "IPA client hostname" +#~ msgstr "Vertsnavn for IPA-klient" + +#~ msgid "Kerberos server address" +#~ msgstr "Tjeneradresse for Kerberos" + +#~ msgid "Kerberos realm" +#~ msgstr "Kerberos-område" + +#~ msgid "Authentication timeout" +#~ msgstr "Tidsavbrudd for autentisering" diff --git a/po/nl.po b/po/nl.po index 7c9399f674..164b2a06f0 100644 --- a/po/nl.po +++ b/po/nl.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:47+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -25,1600 +25,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Stel de verbositeit van de debug statements in" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Neem tijdstempels op in de debug logs" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "Voeg microseconden aan tijdstempel is debug log" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Schrijf debug berichten naar logbestanden" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Commando om service te starten" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Aantal pogingen naar de Data Providers te verbinden" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" -"Het aantal bestand descriptors die door deze beantwoorder geopend mogen " -"worden" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "Duur van inactiviteit voor het automatisch loskoppelen van een cliënt" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "SSSD Services die gestart moeten worden" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "SSSD Domeinen die gestart moeten worden" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Timeout voor berichten die over SBUS worden verzonden" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "Reguliere expressie om gebruikersnamen en domeinen te ontleden" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "Printf-compatibel formaat voor het tonen van namen in volledige vorm" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"Map in het bestandssysteem waarin SSSD Kerberos replay cache bestanden moet " -"opslaan." - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "Domein toe te voegen aan namen zonder een domein component." - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "Enumeratie cache timeout duur (in seconden)" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "Entry cache achtergrond update timeout duur (in seconden)" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "Negatieve cache timeout duur (in seconden)" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Gebruikers die SSSD expliciet dient te negeren" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Groepen die SSSD expliciet dient te negeren" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Dienen gefilterde gebruikers zichtbaar te zijn in groepen" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "De waarde van het wachtwoordveld die de NSS aanbieder terug moet geven" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" -"Overschrijf homedir waarde van de identiteit aanbieder met deze waarde " - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" -"Vervang lege persoonlijke map waarde van de eindentiteitsaanbieder met deze " -"waarde" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "Overschrijf shell waarde van identiteit provider met deze waarde" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "De lijst van shells waarmee ingelogd kan worden" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" -"De lijst van shells die verboden zijn, en vervangen door de fallback shell" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" -"Als een shell opgeslagen in de centrale map toegestaan is, maar niet " -"beschikbaar, gebruik dan deze" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "Te gebruiken shell als de aanbieder er geen aangeeft " - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "Hoe lang zullen cache records in het geheugen geldig blijven" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "Hoe lang zijn cached logins toegestaan tussen online logins (in dagen)" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "Hoe veel mislukte inlogpogingen zijn toegestaan in offline-modus" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" -"Hoe lang (in minuten) logins weigeren nadat offline_failed_login_attempts is " -"bereikt" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" -"Welke boodschappen worden aan de gebruiker getoond tijdens authenticatie" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" -"Hoeveel seconden moet de identiteit informatie in cache opgeslagen worden " -"voor PAN aanvragen" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" -"Hoeveel dagen voor het verlopen van het wachtwoord moet een waarschuwing " -"getoond worden" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" -"Of de tijd-gebaseerde attributen in sudo regels moeten worden geëvalueerd" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" -"Moeten host namen en adressen gehashd worden in het known_hosts bestand" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" -"Hoeveel seconden moet een host in het known_hosts bestand blijven nadat de " -"host sleutels ervan werden aangevraagd" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" -"Lijst met UID's of gebruikersnamen waarvoor toegang tot de PAC responder " -"toegestaan is" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Identiteitaanbieder" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Authentiecatieaanbieder" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Toegangscontroleaanbieder" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Wachtwoordwijzigingsaanbieder" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "SUDO provider" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "Autofs provider" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "Host identity provider" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Minimum gebruiker ID" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Maximum gebruiker ID" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Schakel enumeratie van alle gebruikers/groepen" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Cache inloggegevens voor offline gebruik" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Laat gebruikers/groepen in volledige vorm zien" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "Neem groepsleden niet mee in groep zoekacties" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Entry cache timeout duur (in seconden)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" -"Beperk of geef de voorkeur aan een specifieke adresfamilie wanneer er DNS-" -"lookups uitgevoerd worden" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" -"Hoe lang blijven gegevens opgeslagen na een succesvolle login (in dagen)" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" -"Hoe lang te wachten op antwoord van de DSN bij het opzoeken van servers (in " -"seconden)" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "Het domeingedeelte van DNS queries die service discovery uitvoeren" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "Overschrijf GID waarde van de identiteit aanbieder met deze waarde" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "Behandel gebruikersnamen als hoofdlettergevoelig" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "Hoe vaak moeten verlopen ingangen op de achtergrond ververst worden" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "Of de DNS ingang van de cliënt automatisch vernieuwd moet worden" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" -"De TTL die toegepast moet worden op de DNS ingang van de cliënt na het " -"vernieuwen hiervan" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" -"De adapter wiens IP-adres gebruikt moet worden voor het dynamisch bijwerken " -"van de DNS" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "Hoe vaak de DNS ingang van de client periodiek vernieuwd moet worden" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "Of de provider ook de PTR record expliciet moet vernieuwen" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "Of het nsupdate hulpprogramma standaard TCP moet gebruiken" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" -"Welke soort authenticatie moet gebruikt worden om de DNS vernieuwing uit te " -"voeren" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA-domein" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "IPA-serveradres" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "Adres van back-up IPA server" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "IPA-clienthostname" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" -"Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in " -"FreeIPA" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "Zoek basis voor HBAC gerelateerde objecten" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "De tijdsduur tussen het opzoeken van HBAC regels voor de IPA server" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" -"De tijdsduur in seconden tussen zoekopdrachten in de SELinux mappen voor de " -"IPA server" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" -"Als dit op false ingesteld is, wordt het host argument gegeven door PAM " -"genegeerd" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "De automounter locatie die door deze IPA client wordt gebruikt" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "Zoek in base voor object die info over IPA domein bevat " - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "Zoek in base voor objecten die info over ID bereiken bevat" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "Zet DNS sites aan - locatie gebaseerde service ontdekking" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "Active Directory domein" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "Active Directory server adres" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "Active Directory back-up server adres" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "Active Directory cliënt hostnaam" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "LDAP-filter om toegangsprivileges mee te bepalen" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Kerberos-serveradres" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "Kerberos back-up server adres" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Kerberos-rijk" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Authenticatie timeout" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "Moeten kdcinfo bestanden aangemaakt worden" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Werkmap waar authenticatiegegevens opgeslagen worden" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Locatie van de authenticatiecache van de gebruiker" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Locatie van de keytab om authenticatiegegevens te valideren" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Schakel authenticatiegegevensvalidatie in" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" -"Sla het wachtwoord op indien offline voor later gebruik bij online " -"authenticatie" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "Vernieuwbare levensduur van de TGT" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "Levensduur van de TGT" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "Tijd tussen twee checks voor vernieuwing" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "Zet FAST aan" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "Selecteert de hoofdpersoon te gebruiken voor FAST " - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "Zet hoofdpersoon sanctioneren aan" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "Zet enterprise principals aan" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" -"Server waar het wachtwoord wijzigingsservice draait indien niet op de KDC" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, de URI van de LDAP server" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "ldap_backup_uri, De URI van de LDAP server" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "De standaard base DN" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Het schema type wat gebruikt wordt op de LDAP server, rfc2307" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "De standaard bind DN" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "Het type authenticatietoken van de standaard bind DN" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "Het authenticatietoken van de standaard bind DN" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Hoe lang pogen te verbinden" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Hoe lang proberen synchroon LDAP te benaderen" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" -"Duur tussen pogingen om de verbinding opnieuw tot stand te brengen tijdens " -"offline zijn" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "Gebruik alleen hoofdletters voor gebiedsnamen" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Bestand dat de bekende CA-certificaten bevat" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Pad naar de CA-certificatenmap" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "Bestand dat het client certificaat bevat" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "Bestand dat de client sleutel bevat" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "Lijst van mogelijke sleutel suites" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Vereis verificatie van het TLS-certificaat" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Geef het SASL-mechanisme op wat gebruikt moet worden" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Geef het SASL-authorisatie-ID op wat gebruikt moet worden" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "Specificeer het te gebruiken sasl autorisatiegebied " - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "Specificeer de minimale SSF voor LDAP sasl autorisatie" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Kerberos service keytab" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Gebruik Kerberos authenticatie voor LDAP-connectie" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Volg LDAP-doorverwijzingen" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "Levensduur van TGT voor LDAP-connectie" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "Hoe moet de alias referentie verwijderd worden" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "Service naam voor DNS service opzoeken" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" -"Het aantal records dat opgehaald moet worden met een enkele LDAP bevraging" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" -"Het aantal leden van moet ontbreken om een volledige de-referentie te " -"veroorzaken" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" -"Moet de LDAP bibliotheek omgekeerd opzoeken uitvoeren om de hostnaam te " -"autoriseren tijdens een SASL binding" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "entryUSN attribuut" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "lastUSN attribuut" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" -"Hoe lang een verbinding met de LDAP server gebouden moet blijven voordat het " -"losgekoppeld wordt" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "Het LDAP paging besturingselement uitschakelen" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "Zet Active Directory bereik opvragen uit" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Tijd om te wachten op een zoekopdracht" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "Tijdsduur te wachten voor een opsommingsverzoek" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Tijd om te wachten tussen enumeratie-updates" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "Tijdsduur tussen cache opschoningen" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "Vereis TLS voor het opzoeken van ID's" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "Gebruik ID-mapping van objectSID gebruiken in plaats van pre-set ID's" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "Base DN voor het opzoeken van gebruikers" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Scope voor het opzoeken van gebruikers" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Filter voor het opzoeken van gebruikers" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Objectclass voor gebruikers" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Username-attribuut" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "UID-attribuut" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Primair GID-attribuut" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "GECOS-attribuut" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Gebruikersmap-attribuut" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Shell-attribuut" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "objectSID attribuut" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "Active Directory primaire groep attribuut voor ID-mapping" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Userprincipal-attribuut (voor Kerberos)" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Volledige naam" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "memberOf-attribuut" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Modification time-attribuut" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "shadowLastChange attribuut" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "shadowMin attribuut" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "shadowMax attribuut" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "shadowWarning attribuut" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "shadowInactive attribuut" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "shadowExpire attribuut" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "shadowFlag attribuut" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "Attribuut voor tonen van geautoriseerde PAM services" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "Attribuut dat geautoriseerde server hosts toont" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "krbLastPwdChange attribuut" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "krbPasswordExpiration attribuut" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "Attribuut welke aangeeft dat wachtwoordtactiek op de server actief is" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "accountExpires attribuut van AD" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "userAccountControl attribuut van AD" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "nsAccountLock attribuut" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "loginDisabled attribuut van NDS" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "loginExpirationTime attribuut van NDS" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "loginAllowedTimeMap attribuut van NDS" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "SSH publieke sleutel attribuut" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "Basis DN voor groep opzoeken" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "Objectklasse voor groepen" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Groepsnaam" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Groep wachtwoord" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "GID attribuut" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "Groep deelnemer attribuut" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "Verandertijd attribuut voor groepen" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "Basis DN voor netgroep opzoeken" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "Objectklasse voor netgroepen" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "Netgroep naam" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "Netgroep leden attribuut" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "Netgroep triple attibuut" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "Verandertijd attribuut voor netgroepen" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "Basis DN voor service lookups" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "Objectclass voor services" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "Service naam attribuut" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "Service port attribuut" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "Service protocol attribuut" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "Ondergrens voor ID-mapping" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "Bovengrens voor ID-mapping" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "Aantal ID's voor elk segment bij ID-mapping" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "Gebruik autorid-compatibel algoritme voor ID-mapping" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "Naam van het standaard domein voor ID-mapping" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "SID van het standaard domein voor ID-mapping" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "Laagste grens instellen voor toegestane id's van de LDAP-server" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "Hoogste grens instellen voor toegestane id's van de LDAP-server" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Policy om wacthwoordverloop mee te evalueren" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" -"Welke attributen worden gebruikt voor evaluatie als het account verlopen is" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" -"Welke regels moeten gebruikt worden voor de evaluatie van toegangscontrole" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" -"URI van een LDAP server waarop wachtwoord veranderingen toegestaan zijn" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" -"URI van een back-up LDAP server waar wachtwoord veranderingen toegestaan zijn" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "DNS service naam voor LDAP wachtwoord verander server" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" -"Moet het ldap_user_shadow_last_change attribuut vernieuwd worden na een " -"wachtwoordwijziging" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "Basis DN voor sudo regels lookups" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "Automatische volledige ververs periode" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "Automatische slimme ververs periode" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "Moeten regels gefilterd worden volgens hostnaam, IP adres en netwerk" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" -"Hostnamen en/of volledig gekwalificeerde domeinnamen van deze machine voor " -"het filteren van sudo regels" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" -"IPv4 of IPv6 adressen of netwerk van deze machine voor het filteren van sudo " -"regels" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" -"Moeten regels toegevoegd worden die netgroep bevatten in host attribuut " - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" -"Moeten regels toegevoegd worden die regulaire expressie bevatten in host " -"attribuut " - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "Objectklasse voor sudo regels" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "Sudo regelnaam" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "Sudo regel opdracht attribuut" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "Sudo regel host attribuut" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "Sudo regel gebruiker attribuut" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "Sudo regel optie attribuut" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "Sudo regel runasuser attribuut" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "Sudo regel runasgroup attribuut" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "Sudo regel notbefore attribuut" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "Sudo regel notafter attribuut" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "Sudo regel volgorde attribuut" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "Object class voor automounter maps" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "Automounter map naam attribuut" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "Objectklasse voor automounter map ingaven" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "Automounter map sleutel ingave attribuut" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "Automounter map ingavewaarde attribuut" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "Basis DN voor automounter kaart opzoeken" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Kommagescheiden lijst van toegestane gebruikers" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Kommagescheiden lijst van geweigerde gebruikers" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Standaard shell, /bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Basis voor gebruikersmappen" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "De naam van de NSS-bibliotheek die gebruikt wordt" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "Moet indien mogelijk canonieke groepsnaam in cache opgezocht worden " - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "PAM-stack die gebruikt wordt" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "Start in de achtergrond (standaard)" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "Start interactief (standaard)" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "Geef een niet-standaard configuratiebestand op" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "Print versie nummer en sluit af" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "Debug niveau" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "Voeg tijdstempels toe aan debugberichten" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "Toon tijdstempel met microseconden" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "Een geopend bestand voor de debug logs" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1658,7 +113,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "Domein voor de informatie provider (verplicht)" @@ -2509,7 +964,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2686,44 +1141,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "\n" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2932,3 +1387,845 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Stel de verbositeit van de debug statements in" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Neem tijdstempels op in de debug logs" + +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "Voeg microseconden aan tijdstempel is debug log" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Schrijf debug berichten naar logbestanden" + +#~ msgid "Command to start service" +#~ msgstr "Commando om service te starten" + +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "Aantal pogingen naar de Data Providers te verbinden" + +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "" +#~ "Het aantal bestand descriptors die door deze beantwoorder geopend mogen " +#~ "worden" + +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "" +#~ "Duur van inactiviteit voor het automatisch loskoppelen van een cliënt" + +#~ msgid "SSSD Services to start" +#~ msgstr "SSSD Services die gestart moeten worden" + +#~ msgid "SSSD Domains to start" +#~ msgstr "SSSD Domeinen die gestart moeten worden" + +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Timeout voor berichten die over SBUS worden verzonden" + +#~ msgid "Regex to parse username and domain" +#~ msgstr "Reguliere expressie om gebruikersnamen en domeinen te ontleden" + +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "" +#~ "Printf-compatibel formaat voor het tonen van namen in volledige vorm" + +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "" +#~ "Map in het bestandssysteem waarin SSSD Kerberos replay cache bestanden " +#~ "moet opslaan." + +#~ msgid "Domain to add to names without a domain component." +#~ msgstr "Domein toe te voegen aan namen zonder een domein component." + +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "Enumeratie cache timeout duur (in seconden)" + +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "Entry cache achtergrond update timeout duur (in seconden)" + +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "Negatieve cache timeout duur (in seconden)" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Gebruikers die SSSD expliciet dient te negeren" + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Groepen die SSSD expliciet dient te negeren" + +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Dienen gefilterde gebruikers zichtbaar te zijn in groepen" + +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "" +#~ "De waarde van het wachtwoordveld die de NSS aanbieder terug moet geven" + +#~ msgid "Override homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Overschrijf homedir waarde van de identiteit aanbieder met deze waarde " + +#~ msgid "" +#~ "Substitute empty homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Vervang lege persoonlijke map waarde van de eindentiteitsaanbieder met " +#~ "deze waarde" + +#~ msgid "Override shell value from the identity provider with this value" +#~ msgstr "Overschrijf shell waarde van identiteit provider met deze waarde" + +#~ msgid "The list of shells users are allowed to log in with" +#~ msgstr "De lijst van shells waarmee ingelogd kan worden" + +#~ msgid "" +#~ "The list of shells that will be vetoed, and replaced with the fallback " +#~ "shell" +#~ msgstr "" +#~ "De lijst van shells die verboden zijn, en vervangen door de fallback shell" + +#~ msgid "" +#~ "If a shell stored in central directory is allowed but not available, use " +#~ "this fallback" +#~ msgstr "" +#~ "Als een shell opgeslagen in de centrale map toegestaan is, maar niet " +#~ "beschikbaar, gebruik dan deze" + +#~ msgid "Shell to use if the provider does not list one" +#~ msgstr "Te gebruiken shell als de aanbieder er geen aangeeft " + +#~ msgid "How long will be in-memory cache records valid" +#~ msgstr "Hoe lang zullen cache records in het geheugen geldig blijven" + +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "Hoe lang zijn cached logins toegestaan tussen online logins (in dagen)" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "Hoe veel mislukte inlogpogingen zijn toegestaan in offline-modus" + +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Hoe lang (in minuten) logins weigeren nadat offline_failed_login_attempts " +#~ "is bereikt" + +#~ msgid "" +#~ "What kind of messages are displayed to the user during authentication" +#~ msgstr "" +#~ "Welke boodschappen worden aan de gebruiker getoond tijdens authenticatie" + +#~ msgid "" +#~ "How many seconds to keep identity information cached for PAM requests" +#~ msgstr "" +#~ "Hoeveel seconden moet de identiteit informatie in cache opgeslagen worden " +#~ "voor PAN aanvragen" + +#~ msgid "" +#~ "How many days before password expiration a warning should be displayed" +#~ msgstr "" +#~ "Hoeveel dagen voor het verlopen van het wachtwoord moet een waarschuwing " +#~ "getoond worden" + +#~ msgid "Whether to evaluate the time-based attributes in sudo rules" +#~ msgstr "" +#~ "Of de tijd-gebaseerde attributen in sudo regels moeten worden geëvalueerd" + +#~ msgid "Whether to hash host names and addresses in the known_hosts file" +#~ msgstr "" +#~ "Moeten host namen en adressen gehashd worden in het known_hosts bestand" + +#~ msgid "" +#~ "How many seconds to keep a host in the known_hosts file after its host " +#~ "keys were requested" +#~ msgstr "" +#~ "Hoeveel seconden moet een host in het known_hosts bestand blijven nadat " +#~ "de host sleutels ervan werden aangevraagd" + +#~ msgid "List of UIDs or user names allowed to access the PAC responder" +#~ msgstr "" +#~ "Lijst met UID's of gebruikersnamen waarvoor toegang tot de PAC responder " +#~ "toegestaan is" + +#~ msgid "Identity provider" +#~ msgstr "Identiteitaanbieder" + +#~ msgid "Authentication provider" +#~ msgstr "Authentiecatieaanbieder" + +#~ msgid "Access control provider" +#~ msgstr "Toegangscontroleaanbieder" + +#~ msgid "Password change provider" +#~ msgstr "Wachtwoordwijzigingsaanbieder" + +#~ msgid "SUDO provider" +#~ msgstr "SUDO provider" + +#~ msgid "Autofs provider" +#~ msgstr "Autofs provider" + +#~ msgid "Host identity provider" +#~ msgstr "Host identity provider" + +#~ msgid "Minimum user ID" +#~ msgstr "Minimum gebruiker ID" + +#~ msgid "Maximum user ID" +#~ msgstr "Maximum gebruiker ID" + +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Schakel enumeratie van alle gebruikers/groepen" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "Cache inloggegevens voor offline gebruik" + +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Laat gebruikers/groepen in volledige vorm zien" + +#~ msgid "Don't include group members in group lookups" +#~ msgstr "Neem groepsleden niet mee in groep zoekacties" + +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Entry cache timeout duur (in seconden)" + +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Beperk of geef de voorkeur aan een specifieke adresfamilie wanneer er DNS-" +#~ "lookups uitgevoerd worden" + +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Hoe lang blijven gegevens opgeslagen na een succesvolle login (in dagen)" + +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "" +#~ "Hoe lang te wachten op antwoord van de DSN bij het opzoeken van servers " +#~ "(in seconden)" + +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "Het domeingedeelte van DNS queries die service discovery uitvoeren" + +#~ msgid "Override GID value from the identity provider with this value" +#~ msgstr "Overschrijf GID waarde van de identiteit aanbieder met deze waarde" + +#~ msgid "Treat usernames as case sensitive" +#~ msgstr "Behandel gebruikersnamen als hoofdlettergevoelig" + +#~ msgid "How often should expired entries be refreshed in background" +#~ msgstr "Hoe vaak moeten verlopen ingangen op de achtergrond ververst worden" + +#~ msgid "Whether to automatically update the client's DNS entry" +#~ msgstr "Of de DNS ingang van de cliënt automatisch vernieuwd moet worden" + +#~ msgid "The TTL to apply to the client's DNS entry after updating it" +#~ msgstr "" +#~ "De TTL die toegepast moet worden op de DNS ingang van de cliënt na het " +#~ "vernieuwen hiervan" + +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "" +#~ "De adapter wiens IP-adres gebruikt moet worden voor het dynamisch " +#~ "bijwerken van de DNS" + +#~ msgid "How often to periodically update the client's DNS entry" +#~ msgstr "" +#~ "Hoe vaak de DNS ingang van de client periodiek vernieuwd moet worden" + +#~ msgid "Whether the provider should explicitly update the PTR record as well" +#~ msgstr "Of de provider ook de PTR record expliciet moet vernieuwen" + +#~ msgid "Whether the nsupdate utility should default to using TCP" +#~ msgstr "Of het nsupdate hulpprogramma standaard TCP moet gebruiken" + +#~ msgid "What kind of authentication should be used to perform the DNS update" +#~ msgstr "" +#~ "Welke soort authenticatie moet gebruikt worden om de DNS vernieuwing uit " +#~ "te voeren" + +#~ msgid "IPA domain" +#~ msgstr "IPA-domein" + +#~ msgid "IPA server address" +#~ msgstr "IPA-serveradres" + +#~ msgid "Address of backup IPA server" +#~ msgstr "Adres van back-up IPA server" + +#~ msgid "IPA client hostname" +#~ msgstr "IPA-clienthostname" + +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "" +#~ "Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in " +#~ "FreeIPA" + +#~ msgid "Search base for HBAC related objects" +#~ msgstr "Zoek basis voor HBAC gerelateerde objecten" + +#~ msgid "" +#~ "The amount of time between lookups of the HBAC rules against the IPA " +#~ "server" +#~ msgstr "De tijdsduur tussen het opzoeken van HBAC regels voor de IPA server" + +#~ msgid "" +#~ "The amount of time in seconds between lookups of the SELinux maps against " +#~ "the IPA server" +#~ msgstr "" +#~ "De tijdsduur in seconden tussen zoekopdrachten in de SELinux mappen voor " +#~ "de IPA server" + +#~ msgid "If set to false, host argument given by PAM will be ignored" +#~ msgstr "" +#~ "Als dit op false ingesteld is, wordt het host argument gegeven door PAM " +#~ "genegeerd" + +#~ msgid "The automounter location this IPA client is using" +#~ msgstr "De automounter locatie die door deze IPA client wordt gebruikt" + +#~ msgid "Search base for object containing info about IPA domain" +#~ msgstr "Zoek in base voor object die info over IPA domein bevat " + +#~ msgid "Search base for objects containing info about ID ranges" +#~ msgstr "Zoek in base voor objecten die info over ID bereiken bevat" + +#~ msgid "Enable DNS sites - location based service discovery" +#~ msgstr "Zet DNS sites aan - locatie gebaseerde service ontdekking" + +#~ msgid "Active Directory domain" +#~ msgstr "Active Directory domein" + +#~ msgid "Active Directory server address" +#~ msgstr "Active Directory server adres" + +#~ msgid "Active Directory backup server address" +#~ msgstr "Active Directory back-up server adres" + +#~ msgid "Active Directory client hostname" +#~ msgstr "Active Directory cliënt hostnaam" + +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "LDAP-filter om toegangsprivileges mee te bepalen" + +#~ msgid "Kerberos server address" +#~ msgstr "Kerberos-serveradres" + +#~ msgid "Kerberos backup server address" +#~ msgstr "Kerberos back-up server adres" + +#~ msgid "Kerberos realm" +#~ msgstr "Kerberos-rijk" + +#~ msgid "Authentication timeout" +#~ msgstr "Authenticatie timeout" + +#~ msgid "Whether to create kdcinfo files" +#~ msgstr "Moeten kdcinfo bestanden aangemaakt worden" + +#~ msgid "Directory to store credential caches" +#~ msgstr "Werkmap waar authenticatiegegevens opgeslagen worden" + +#~ msgid "Location of the user's credential cache" +#~ msgstr "Locatie van de authenticatiecache van de gebruiker" + +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Locatie van de keytab om authenticatiegegevens te valideren" + +#~ msgid "Enable credential validation" +#~ msgstr "Schakel authenticatiegegevensvalidatie in" + +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "" +#~ "Sla het wachtwoord op indien offline voor later gebruik bij online " +#~ "authenticatie" + +#~ msgid "Renewable lifetime of the TGT" +#~ msgstr "Vernieuwbare levensduur van de TGT" + +#~ msgid "Lifetime of the TGT" +#~ msgstr "Levensduur van de TGT" + +#~ msgid "Time between two checks for renewal" +#~ msgstr "Tijd tussen twee checks voor vernieuwing" + +#~ msgid "Enables FAST" +#~ msgstr "Zet FAST aan" + +#~ msgid "Selects the principal to use for FAST" +#~ msgstr "Selecteert de hoofdpersoon te gebruiken voor FAST " + +#~ msgid "Enables principal canonicalization" +#~ msgstr "Zet hoofdpersoon sanctioneren aan" + +#~ msgid "Enables enterprise principals" +#~ msgstr "Zet enterprise principals aan" + +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "" +#~ "Server waar het wachtwoord wijzigingsservice draait indien niet op de KDC" + +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, de URI van de LDAP server" + +#~ msgid "ldap_backup_uri, The URI of the LDAP server" +#~ msgstr "ldap_backup_uri, De URI van de LDAP server" + +#~ msgid "The default base DN" +#~ msgstr "De standaard base DN" + +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Het schema type wat gebruikt wordt op de LDAP server, rfc2307" + +#~ msgid "The default bind DN" +#~ msgstr "De standaard bind DN" + +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "Het type authenticatietoken van de standaard bind DN" + +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "Het authenticatietoken van de standaard bind DN" + +#~ msgid "Length of time to attempt connection" +#~ msgstr "Hoe lang pogen te verbinden" + +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Hoe lang proberen synchroon LDAP te benaderen" + +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "" +#~ "Duur tussen pogingen om de verbinding opnieuw tot stand te brengen " +#~ "tijdens offline zijn" + +#~ msgid "Use only the upper case for realm names" +#~ msgstr "Gebruik alleen hoofdletters voor gebiedsnamen" + +#~ msgid "File that contains CA certificates" +#~ msgstr "Bestand dat de bekende CA-certificaten bevat" + +#~ msgid "Path to CA certificate directory" +#~ msgstr "Pad naar de CA-certificatenmap" + +#~ msgid "File that contains the client certificate" +#~ msgstr "Bestand dat het client certificaat bevat" + +#~ msgid "File that contains the client key" +#~ msgstr "Bestand dat de client sleutel bevat" + +#~ msgid "List of possible ciphers suites" +#~ msgstr "Lijst van mogelijke sleutel suites" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "Vereis verificatie van het TLS-certificaat" + +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Geef het SASL-mechanisme op wat gebruikt moet worden" + +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Geef het SASL-authorisatie-ID op wat gebruikt moet worden" + +#~ msgid "Specify the sasl authorization realm to use" +#~ msgstr "Specificeer het te gebruiken sasl autorisatiegebied " + +#~ msgid "Specify the minimal SSF for LDAP sasl authorization" +#~ msgstr "Specificeer de minimale SSF voor LDAP sasl autorisatie" + +#~ msgid "Kerberos service keytab" +#~ msgstr "Kerberos service keytab" + +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Gebruik Kerberos authenticatie voor LDAP-connectie" + +#~ msgid "Follow LDAP referrals" +#~ msgstr "Volg LDAP-doorverwijzingen" + +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "Levensduur van TGT voor LDAP-connectie" + +#~ msgid "How to dereference aliases" +#~ msgstr "Hoe moet de alias referentie verwijderd worden" + +#~ msgid "Service name for DNS service lookups" +#~ msgstr "Service naam voor DNS service opzoeken" + +#~ msgid "The number of records to retrieve in a single LDAP query" +#~ msgstr "" +#~ "Het aantal records dat opgehaald moet worden met een enkele LDAP bevraging" + +#~ msgid "The number of members that must be missing to trigger a full deref" +#~ msgstr "" +#~ "Het aantal leden van moet ontbreken om een volledige de-referentie te " +#~ "veroorzaken" + +#~ msgid "" +#~ "Whether the LDAP library should perform a reverse lookup to canonicalize " +#~ "the host name during a SASL bind" +#~ msgstr "" +#~ "Moet de LDAP bibliotheek omgekeerd opzoeken uitvoeren om de hostnaam te " +#~ "autoriseren tijdens een SASL binding" + +#~ msgid "entryUSN attribute" +#~ msgstr "entryUSN attribuut" + +#~ msgid "lastUSN attribute" +#~ msgstr "lastUSN attribuut" + +#~ msgid "" +#~ "How long to retain a connection to the LDAP server before disconnecting" +#~ msgstr "" +#~ "Hoe lang een verbinding met de LDAP server gebouden moet blijven voordat " +#~ "het losgekoppeld wordt" + +#~ msgid "Disable the LDAP paging control" +#~ msgstr "Het LDAP paging besturingselement uitschakelen" + +#~ msgid "Disable Active Directory range retrieval" +#~ msgstr "Zet Active Directory bereik opvragen uit" + +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Tijd om te wachten op een zoekopdracht" + +#~ msgid "Length of time to wait for a enumeration request" +#~ msgstr "Tijdsduur te wachten voor een opsommingsverzoek" + +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Tijd om te wachten tussen enumeratie-updates" + +#~ msgid "Length of time between cache cleanups" +#~ msgstr "Tijdsduur tussen cache opschoningen" + +#~ msgid "Require TLS for ID lookups" +#~ msgstr "Vereis TLS voor het opzoeken van ID's" + +#~ msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#~ msgstr "" +#~ "Gebruik ID-mapping van objectSID gebruiken in plaats van pre-set ID's" + +#~ msgid "Base DN for user lookups" +#~ msgstr "Base DN voor het opzoeken van gebruikers" + +#~ msgid "Scope of user lookups" +#~ msgstr "Scope voor het opzoeken van gebruikers" + +#~ msgid "Filter for user lookups" +#~ msgstr "Filter voor het opzoeken van gebruikers" + +#~ msgid "Objectclass for users" +#~ msgstr "Objectclass voor gebruikers" + +#~ msgid "Username attribute" +#~ msgstr "Username-attribuut" + +#~ msgid "UID attribute" +#~ msgstr "UID-attribuut" + +#~ msgid "Primary GID attribute" +#~ msgstr "Primair GID-attribuut" + +#~ msgid "GECOS attribute" +#~ msgstr "GECOS-attribuut" + +#~ msgid "Home directory attribute" +#~ msgstr "Gebruikersmap-attribuut" + +#~ msgid "Shell attribute" +#~ msgstr "Shell-attribuut" + +#~ msgid "objectSID attribute" +#~ msgstr "objectSID attribuut" + +#~ msgid "Active Directory primary group attribute for ID-mapping" +#~ msgstr "Active Directory primaire groep attribuut voor ID-mapping" + +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Userprincipal-attribuut (voor Kerberos)" + +#~ msgid "Full Name" +#~ msgstr "Volledige naam" + +#~ msgid "memberOf attribute" +#~ msgstr "memberOf-attribuut" + +#~ msgid "Modification time attribute" +#~ msgstr "Modification time-attribuut" + +#~ msgid "shadowLastChange attribute" +#~ msgstr "shadowLastChange attribuut" + +#~ msgid "shadowMin attribute" +#~ msgstr "shadowMin attribuut" + +#~ msgid "shadowMax attribute" +#~ msgstr "shadowMax attribuut" + +#~ msgid "shadowWarning attribute" +#~ msgstr "shadowWarning attribuut" + +#~ msgid "shadowInactive attribute" +#~ msgstr "shadowInactive attribuut" + +#~ msgid "shadowExpire attribute" +#~ msgstr "shadowExpire attribuut" + +#~ msgid "shadowFlag attribute" +#~ msgstr "shadowFlag attribuut" + +#~ msgid "Attribute listing authorized PAM services" +#~ msgstr "Attribuut voor tonen van geautoriseerde PAM services" + +#~ msgid "Attribute listing authorized server hosts" +#~ msgstr "Attribuut dat geautoriseerde server hosts toont" + +#~ msgid "krbLastPwdChange attribute" +#~ msgstr "krbLastPwdChange attribuut" + +#~ msgid "krbPasswordExpiration attribute" +#~ msgstr "krbPasswordExpiration attribuut" + +#~ msgid "Attribute indicating that server side password policies are active" +#~ msgstr "" +#~ "Attribuut welke aangeeft dat wachtwoordtactiek op de server actief is" + +#~ msgid "accountExpires attribute of AD" +#~ msgstr "accountExpires attribuut van AD" + +#~ msgid "userAccountControl attribute of AD" +#~ msgstr "userAccountControl attribuut van AD" + +#~ msgid "nsAccountLock attribute" +#~ msgstr "nsAccountLock attribuut" + +#~ msgid "loginDisabled attribute of NDS" +#~ msgstr "loginDisabled attribuut van NDS" + +#~ msgid "loginExpirationTime attribute of NDS" +#~ msgstr "loginExpirationTime attribuut van NDS" + +#~ msgid "loginAllowedTimeMap attribute of NDS" +#~ msgstr "loginAllowedTimeMap attribuut van NDS" + +#~ msgid "SSH public key attribute" +#~ msgstr "SSH publieke sleutel attribuut" + +#~ msgid "Base DN for group lookups" +#~ msgstr "Basis DN voor groep opzoeken" + +#~ msgid "Objectclass for groups" +#~ msgstr "Objectklasse voor groepen" + +#~ msgid "Group name" +#~ msgstr "Groepsnaam" + +#~ msgid "Group password" +#~ msgstr "Groep wachtwoord" + +#~ msgid "GID attribute" +#~ msgstr "GID attribuut" + +#~ msgid "Group member attribute" +#~ msgstr "Groep deelnemer attribuut" + +#~ msgid "Modification time attribute for groups" +#~ msgstr "Verandertijd attribuut voor groepen" + +#~ msgid "Base DN for netgroup lookups" +#~ msgstr "Basis DN voor netgroep opzoeken" + +#~ msgid "Objectclass for netgroups" +#~ msgstr "Objectklasse voor netgroepen" + +#~ msgid "Netgroup name" +#~ msgstr "Netgroep naam" + +#~ msgid "Netgroups members attribute" +#~ msgstr "Netgroep leden attribuut" + +#~ msgid "Netgroup triple attribute" +#~ msgstr "Netgroep triple attibuut" + +#~ msgid "Modification time attribute for netgroups" +#~ msgstr "Verandertijd attribuut voor netgroepen" + +#~ msgid "Base DN for service lookups" +#~ msgstr "Basis DN voor service lookups" + +#~ msgid "Objectclass for services" +#~ msgstr "Objectclass voor services" + +#~ msgid "Service name attribute" +#~ msgstr "Service naam attribuut" + +#~ msgid "Service port attribute" +#~ msgstr "Service port attribuut" + +#~ msgid "Service protocol attribute" +#~ msgstr "Service protocol attribuut" + +#~ msgid "Lower bound for ID-mapping" +#~ msgstr "Ondergrens voor ID-mapping" + +#~ msgid "Upper bound for ID-mapping" +#~ msgstr "Bovengrens voor ID-mapping" + +#~ msgid "Number of IDs for each slice when ID-mapping" +#~ msgstr "Aantal ID's voor elk segment bij ID-mapping" + +#~ msgid "Use autorid-compatible algorithm for ID-mapping" +#~ msgstr "Gebruik autorid-compatibel algoritme voor ID-mapping" + +#~ msgid "Name of the default domain for ID-mapping" +#~ msgstr "Naam van het standaard domein voor ID-mapping" + +#~ msgid "SID of the default domain for ID-mapping" +#~ msgstr "SID van het standaard domein voor ID-mapping" + +#~ msgid "Set lower boundary for allowed IDs from the LDAP server" +#~ msgstr "Laagste grens instellen voor toegestane id's van de LDAP-server" + +#~ msgid "Set upper boundary for allowed IDs from the LDAP server" +#~ msgstr "Hoogste grens instellen voor toegestane id's van de LDAP-server" + +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Policy om wacthwoordverloop mee te evalueren" + +#~ msgid "Which attributes shall be used to evaluate if an account is expired" +#~ msgstr "" +#~ "Welke attributen worden gebruikt voor evaluatie als het account verlopen " +#~ "is" + +#~ msgid "Which rules should be used to evaluate access control" +#~ msgstr "" +#~ "Welke regels moeten gebruikt worden voor de evaluatie van toegangscontrole" + +#~ msgid "URI of an LDAP server where password changes are allowed" +#~ msgstr "" +#~ "URI van een LDAP server waarop wachtwoord veranderingen toegestaan zijn" + +#~ msgid "URI of a backup LDAP server where password changes are allowed" +#~ msgstr "" +#~ "URI van een back-up LDAP server waar wachtwoord veranderingen toegestaan " +#~ "zijn" + +#~ msgid "DNS service name for LDAP password change server" +#~ msgstr "DNS service naam voor LDAP wachtwoord verander server" + +#~ msgid "" +#~ "Whether to update the ldap_user_shadow_last_change attribute after a " +#~ "password change" +#~ msgstr "" +#~ "Moet het ldap_user_shadow_last_change attribuut vernieuwd worden na een " +#~ "wachtwoordwijziging" + +#~ msgid "Base DN for sudo rules lookups" +#~ msgstr "Basis DN voor sudo regels lookups" + +#~ msgid "Automatic full refresh period" +#~ msgstr "Automatische volledige ververs periode" + +#~ msgid "Automatic smart refresh period" +#~ msgstr "Automatische slimme ververs periode" + +#~ msgid "Whether to filter rules by hostname, IP addresses and network" +#~ msgstr "" +#~ "Moeten regels gefilterd worden volgens hostnaam, IP adres en netwerk" + +#~ msgid "" +#~ "Hostnames and/or fully qualified domain names of this machine to filter " +#~ "sudo rules" +#~ msgstr "" +#~ "Hostnamen en/of volledig gekwalificeerde domeinnamen van deze machine " +#~ "voor het filteren van sudo regels" + +#~ msgid "" +#~ "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +#~ msgstr "" +#~ "IPv4 of IPv6 adressen of netwerk van deze machine voor het filteren van " +#~ "sudo regels" + +#~ msgid "Whether to include rules that contains netgroup in host attribute" +#~ msgstr "" +#~ "Moeten regels toegevoegd worden die netgroep bevatten in host attribuut " + +#~ msgid "" +#~ "Whether to include rules that contains regular expression in host " +#~ "attribute" +#~ msgstr "" +#~ "Moeten regels toegevoegd worden die regulaire expressie bevatten in host " +#~ "attribuut " + +#~ msgid "Object class for sudo rules" +#~ msgstr "Objectklasse voor sudo regels" + +#~ msgid "Sudo rule name" +#~ msgstr "Sudo regelnaam" + +#~ msgid "Sudo rule command attribute" +#~ msgstr "Sudo regel opdracht attribuut" + +#~ msgid "Sudo rule host attribute" +#~ msgstr "Sudo regel host attribuut" + +#~ msgid "Sudo rule user attribute" +#~ msgstr "Sudo regel gebruiker attribuut" + +#~ msgid "Sudo rule option attribute" +#~ msgstr "Sudo regel optie attribuut" + +#~ msgid "Sudo rule runasuser attribute" +#~ msgstr "Sudo regel runasuser attribuut" + +#~ msgid "Sudo rule runasgroup attribute" +#~ msgstr "Sudo regel runasgroup attribuut" + +#~ msgid "Sudo rule notbefore attribute" +#~ msgstr "Sudo regel notbefore attribuut" + +#~ msgid "Sudo rule notafter attribute" +#~ msgstr "Sudo regel notafter attribuut" + +#~ msgid "Sudo rule order attribute" +#~ msgstr "Sudo regel volgorde attribuut" + +#~ msgid "Object class for automounter maps" +#~ msgstr "Object class voor automounter maps" + +#~ msgid "Automounter map name attribute" +#~ msgstr "Automounter map naam attribuut" + +#~ msgid "Object class for automounter map entries" +#~ msgstr "Objectklasse voor automounter map ingaven" + +#~ msgid "Automounter map entry key attribute" +#~ msgstr "Automounter map sleutel ingave attribuut" + +#~ msgid "Automounter map entry value attribute" +#~ msgstr "Automounter map ingavewaarde attribuut" + +#~ msgid "Base DN for automounter map lookups" +#~ msgstr "Basis DN voor automounter kaart opzoeken" + +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Kommagescheiden lijst van toegestane gebruikers" + +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Kommagescheiden lijst van geweigerde gebruikers" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Standaard shell, /bin/bash" + +#~ msgid "Base for home directories" +#~ msgstr "Basis voor gebruikersmappen" + +#~ msgid "The name of the NSS library to use" +#~ msgstr "De naam van de NSS-bibliotheek die gebruikt wordt" + +#~ msgid "Whether to look up canonical group name from cache if possible" +#~ msgstr "" +#~ "Moet indien mogelijk canonieke groepsnaam in cache opgezocht worden " + +#~ msgid "PAM stack to use" +#~ msgstr "PAM-stack die gebruikt wordt" diff --git a/po/pl.po b/po/pl.po index c5ca94f8e0..0f1b7761ed 100644 --- a/po/pl.po +++ b/po/pl.po @@ -14,8 +14,8 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" -"PO-Revision-Date: 2019-08-26 02:06+0000\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" +"PO-Revision-Date: 2019-12-02 12:32+0000\n" "Last-Translator: Piotr Drąg \n" "Language-Team: Polish (http://www.transifex.com/projects/p/sssd/language/" "pl/)\n" @@ -27,2986 +27,2654 @@ msgstr "" "|| n%100>=20) ? 1 : 2);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Ustawia liczbę komunikatów dziennika debugowania" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Dołącza daty w dziennikach debugowania" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "Dołączanie mikrosekund w datach w dziennikach debugowania" +#: src/monitor/monitor.c:2371 +msgid "Become a daemon (default)" +msgstr "Uruchamia jako usługa (domyślnie)" -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Zapisuje komunikaty debugowania do plików dziennika" +#: src/monitor/monitor.c:2373 +msgid "Run interactive (not a daemon)" +msgstr "Uruchamia interaktywnie (nie jako usługa)" -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "Czas oczekiwania watchdoga przed ponownym uruchomieniem usługi" +#: src/monitor/monitor.c:2376 +msgid "Disable netlink interface" +msgstr "Wyłącza interfejs netlink" -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Polecenie do uruchomienia usługi" +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 +msgid "Specify a non-default config file" +msgstr "Podaje niedomyślny plik konfiguracji" -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Liczba prób połączenia do dostawców danych" +#: src/monitor/monitor.c:2380 +msgid "Refresh the configuration database, then exit" +msgstr "Odświeża bazę danych konfiguracji, a następnie kończy działanie" -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" -"Liczba deskryptorów plików, które mogą być otwarte przez ten program " -"odpowiadający" +#: src/monitor/monitor.c:2383 +msgid "Similar to --genconf, but only refreshes the given section" +msgstr "Podobne do --genconf, ale odświeża tylko podaną sekcję" -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "Czas bezczynności przed automatycznym rozłączeniem klienta" +#: src/monitor/monitor.c:2386 +msgid "Print version number and exit" +msgstr "Wyświetla numer wersji i kończy działanie" -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" -"Czas bezczynności przed automatycznym wyłączeniem programu odpowiadającego" +#: src/monitor/monitor.c:2532 +msgid "SSSD is already running\n" +msgstr "Usługa SSSD jest już uruchomiona\n" -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" -"Odpytywanie wszystkich pamięci podręcznych za każdym razem przed " -"odpytywaniem dostawców danych" +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 +msgid "Debug level" +msgstr "Poziom debugowania" -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Usługi SSSD do uruchomienia" +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 +msgid "Add debug timestamps" +msgstr "Dodaje czasy debugowania" -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "Domeny SSSD do uruchomienia" +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 +msgid "Show timestamps with microseconds" +msgstr "Wyświetlanie dat z mikrosekundami" -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Czas oczekiwania na komunikaty wysyłane przez SBUS" +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 +msgid "An open file descriptor for the debug logs" +msgstr "Otwiera deskryptor pliku dla dzienników debugowania" -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "Wyrażenie regularne do przetworzenia nazwy użytkownika i domeny" +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 +msgid "Send the debug output to stderr directly." +msgstr "" +"Wysyła wyjście debugowania bezpośrednio do standardowego wyjścia błędów." -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "Format zgodny z printf do wyświetlania w pełni kwalifikowanych nazw" +#: src/providers/krb5/krb5_child.c:3245 +msgid "The user to create FAST ccache as" +msgstr "Użytkownik, jako który utworzyć ccache FAST" -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"Katalog w systemie plików, w którym SSSD ma przechowywać pliki pamięci " -"podręcznej odtwarzania Kerberosa." +#: src/providers/krb5/krb5_child.c:3247 +msgid "The group to create FAST ccache as" +msgstr "Grupa, jako którą utworzyć ccache FAST" -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "Domeny do dodania do nazw bez składnika domeny." +#: src/providers/krb5/krb5_child.c:3249 +msgid "Kerberos realm to use" +msgstr "Używany obszar Kerberosa" -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "Użytkownik, któremu porzucić uprawnienia" +#: src/providers/krb5/krb5_child.c:3251 +msgid "Requested lifetime of the ticket" +msgstr "Żądany czas trwania biletu" -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "Dostraja sprawdzanie poprawności certyfikatów" +#: src/providers/krb5/krb5_child.c:3253 +msgid "Requested renewable lifetime of the ticket" +msgstr "Żądany odnawialny czas trwania biletu" -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" -"Wszystkie spacji w nazwach grup i użytkowników zostaną zastąpione tym znakiem" +#: src/providers/krb5/krb5_child.c:3255 +msgid "FAST options ('never', 'try', 'demand')" +msgstr "Opcje FAST („never”, „try”, „demand”)" -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" -"Dostraja usługę SSSD, aby uwzględniała lub ignorowała zmiany stanu netlink" +#: src/providers/krb5/krb5_child.c:3258 +msgid "Specifies the server principal to use for FAST" +msgstr "Podaje naczelnika serwera używanego dla FAST" -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "Włącza lub wyłącza bezpośrednią domenę plików" +#: src/providers/krb5/krb5_child.c:3260 +msgid "Requests canonicalization of the principal name" +msgstr "Żąda ujednolicenie nazwy naczelnika" -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "Konkretna kolejność domen do wyszukania" +#: src/providers/krb5/krb5_child.c:3262 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "Użycie niestandardowej wersji krb5_get_init_creds_password" -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "Czas oczekiwania pamięci podręcznej wyliczania (sekundy)" +#: src/providers/data_provider_be.c:674 +msgid "Domain of the information provider (mandatory)" +msgstr "Domena dostawcy informacji (wymagane)" -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "Czas oczekiwania aktualizacji tła pamięci podręcznej wpisów (sekundy)" +#: src/sss_client/common.c:1079 +msgid "Privileged socket has wrong ownership or permissions." +msgstr "Uprawnione gniazdo ma błędnego właściciela lub uprawnienia." -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "Ujemny czas oczekiwania pamięci podręcznej (sekundy)" +#: src/sss_client/common.c:1082 +msgid "Public socket has wrong ownership or permissions." +msgstr "Publiczne gniazdo ma błędnego właściciela lub uprawnienia" -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "Ujemny czas oczekiwania pamięci podręcznej plików (sekundy)" +#: src/sss_client/common.c:1085 +msgid "Unexpected format of the server credential message." +msgstr "Nieoczekiwany format komunikatu uwierzytelniającego serwera." -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Użytkownicy, którzy mają być bezpośrednio ignorowani przez SSSD" +#: src/sss_client/common.c:1088 +msgid "SSSD is not run by root." +msgstr "SSSD nie zostało uruchomione w trybie roota." -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Grupy, które mają być bezpośrednio ignorowane przez SSSD" +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "Gniazdo SSSD nie istnieje." -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Czy filtrowani użytkownicy mają pojawiać się w grupach" +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "Nie można wykonać „stat” na gnieździe SSSD." -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "Wartość pola hasła, jaką dostawca NSS ma zwrócić" +#: src/sss_client/common.c:1099 +msgid "An error occurred, but no description can be found." +msgstr "Wystąpił błąd, ale nie odnaleziono jego opisu." -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "Zastępuje wartość katalogu domowego z dostawcy tożsamości tą wartością" +#: src/sss_client/common.c:1105 +msgid "Unexpected error while looking for an error description" +msgstr "Nieoczekiwany błąd podczas wyszukiwania opisu błędu" -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" -"Zastępuje pustą wartość katalogu domowego z dostawcy tożsamości tą wartością" +#: src/sss_client/pam_sss.c:68 +msgid "Permission denied. " +msgstr "Odmowa uprawnienia." -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "Zastępuje wartość powłoki od dostawcy tożsamości tą wartością" +#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 +#: src/sss_client/pam_sss.c:790 +msgid "Server message: " +msgstr "Komunikat serwera: " -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "Lista powłok, za pomocą których użytkownicy mogą się logować" +#: src/sss_client/pam_sss.c:297 +msgid "Passwords do not match" +msgstr "Hasła się nie zgadzają" -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "Lista powłok, które zostaną zawetowane i zastąpione powłoką zastępczą" +#: src/sss_client/pam_sss.c:485 +msgid "Password reset by root is not supported." +msgstr "Przywrócenie hasła przez użytkownika root nie jest obsługiwane." -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" -"Jeśli powłoka przechowywana w katalogu centralnym jest dozwolona, ale nie " -"jest dostępna, to zostanie użyta ta powłoka zastępcza" +#: src/sss_client/pam_sss.c:526 +msgid "Authenticated with cached credentials" +msgstr "Uwierzytelniono za pomocą danych z pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "Powłoka do użycia, jeśli dostawca nie dostarcza żadnej" +#: src/sss_client/pam_sss.c:527 +msgid ", your cached password will expire at: " +msgstr ", hasło w pamięci podręcznej wygaśnie za: " -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "Jak długo wpisy pamięci podręcznej in-memory są prawidłowe" +#: src/sss_client/pam_sss.c:557 +#, c-format +msgid "Your password has expired. You have %1$d grace login(s) remaining." +msgstr "Hasło wygasło. Pozostało %1$d możliwych logowań." -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" -"Lista atrybutów użytkownika, które program odpowiadający NSS może publikować" +#: src/sss_client/pam_sss.c:603 +#, c-format +msgid "Your password will expire in %1$d %2$s." +msgstr "Hasło wygaśnie za %1$d %2$s." -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" -"Jak długo umożliwiać logowania w pamięci podręcznej między logowaniami " -"w trybie online (dni)" +#: src/sss_client/pam_sss.c:652 +msgid "Authentication is denied until: " +msgstr "Uwierzytelnianie jest zabronione do: " -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "Ile nieudanych prób zalogowania jest dozwolonych w trybie offline" +#: src/sss_client/pam_sss.c:673 +msgid "System is offline, password change not possible" +msgstr "System jest w trybie offline, zmiana hasła nie jest możliwa" -#: src/config/SSSDConfig/__init__.py.in:93 +#: src/sss_client/pam_sss.c:688 msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" +"After changing the OTP password, you need to log out and back in order to " +"acquire a ticket" msgstr "" -"Ile czasu (minut) nie pozwalać na zalogowanie po osiągnięciu " -"offline_failed_login_attempts" +"Po zmianie hasła OTP należy się wylogować i zalogować ponownie, aby uzyskać " +"bilet" -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" -"Jaki rodzaj komunikatów wyświetlać użytkownikowi podczas uwierzytelniania" +#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 +msgid "Password change failed. " +msgstr "Zmiana hasła się nie powiodła. " -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "Filtruje odpowiedzi PAM wysłane do pam_sss" +#: src/sss_client/pam_sss.c:2008 +msgid "New Password: " +msgstr "Nowe hasło: " -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" -"Ile sekund zatrzymać informacje o tożsamości w pamięci podręcznej dla żądań " -"PAM" +#: src/sss_client/pam_sss.c:2009 +msgid "Reenter new Password: " +msgstr "Proszę ponownie podać nowe hasło: " -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "Ile dni przed wygaśnięciem hasła wyświetlić ostrzeżenie" +#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 +msgid "First Factor: " +msgstr "Pierwszy czynnik: " -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "Lista zaufanych UID lub nazw użytkowników" +#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 +msgid "Second Factor (optional): " +msgstr "Drugi czynnik (opcjonalnie): " -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "Lista domen dostępnych także dla niezaufanych użytkowników." +#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 +msgid "Second Factor: " +msgstr "Drugi czynnik: " -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "Komunikat wyświetlany po wygaśnięciu konta użytkownika." +#: src/sss_client/pam_sss.c:2190 +msgid "Password: " +msgstr "Hasło: " -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "Komunikat wyświetlany po zablokowaniu konta użytkownika." +#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 +msgid "First Factor (Current Password): " +msgstr "Pierwszy czynnik (obecne hasło): " -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "Zezwala na uwierzytelnianie za pomocą certyfikatów/smartcard." +#: src/sss_client/pam_sss.c:2349 +msgid "Current Password: " +msgstr "Bieżące hasło: " -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "Ścieżka do bazy danych certyfikatów z modułami PKCS#11." +#: src/sss_client/pam_sss.c:2704 +msgid "Password expired. Change your password now." +msgstr "Hasło wygasło. Proszę je zmienić teraz." -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "Ile sekund pam_sss ma oczekiwać na ukończenie p11_child" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 +#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 +#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 +#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 +#: src/tools/sss_cache.c:719 +msgid "The debug level to run with" +msgstr "Poziom debugowania, z jakim uruchomić" -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "Które usługi PAM mają zezwolenie na kontakt z domenami aplikacji" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 +msgid "The SSSD domain to use" +msgstr "Używana domena SSSD" -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "Usługi mogące używać kart smardcard" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 +#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 +#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 +#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 +#: src/tools/sss_cache.c:765 +msgid "Error setting the locale\n" +msgstr "Błąd podczas ustawiania lokalizacji\n" -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "Dodatkowy czas oczekiwania na kartę, jeśli zażądano" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 +msgid "Not enough memory\n" +msgstr "Brak pamięci\n" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" -"Adres URI PKCS#11 do ograniczenia wyboru urządzeń dla uwierzytelniania za " -"pomocą kart smartcard" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 +msgid "User not specified\n" +msgstr "Nie podano użytkownika\n" -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "Określa, czy szacować atrybuty oparte na czasie w regułach sudo" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 +msgid "Error looking up public keys\n" +msgstr "Błąd podczas wyszukiwania kluczy publicznych\n" -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" -"Jeśli jest włączone, usługa SSSD przełączy z powrotem do logiki kolejności " -"„niższe wygrywa”" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 +msgid "The port to use to connect to the host" +msgstr "Port do użycia do połączenia z komputerem" -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" -"Maksymalna liczba reguł, jaką można odświeżyć jednocześnie. Jeśli zostanie " -"przekroczona, wykonywane jest pełne odświeżenie." +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 +msgid "Print the host ssh public keys" +msgstr "Wyświetla publiczne klucze SSH komputera" -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "Określa, czy mieszać nazwy komputerów i adresy w pliku known_hosts" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 +msgid "Invalid port\n" +msgstr "Nieprawidłowy port\n" -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" -"Ile sekund przechowywać komputer w pliku known_hosts po zażądaniu jego kluczy" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 +msgid "Host not specified\n" +msgstr "Nie podano komputera\n" -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "Ścieżka do miejsca przechowywania zaufanych certyfikatów CA" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 +msgid "The path to the proxy command must be absolute\n" +msgstr "Ścieżka do polecenia pośrednika musi być bezwzględna\n" -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "sss_ssh_knownhostsproxy: nie można rozwiązać nazwy komputera %s\n" -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" +#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 +msgid "The UID of the user" +msgstr "UID użytkownika" -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" -"Lista UID lub nazw użytkowników mających dostęp do programu odpowiadającego " -"PAC" +#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 +msgid "The comment string" +msgstr "Ciąg komentarza" -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "Jak długo dane PAC są uważane za prawidłowe" +#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 +msgid "Home directory" +msgstr "Katalog domowy" -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" -"Lista UID lub nazw użytkowników mających dostęp do programu odpowiadającego " -"InfoPipe" +#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 +msgid "Login shell" +msgstr "Powłoka logowania" -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "Lista atrybutów użytkownika, które InfoPipe może publikować" +#: src/tools/sss_useradd.c:53 +msgid "Groups" +msgstr "Grupy" -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "Dostawca przechowujący hasła" +#: src/tools/sss_useradd.c:54 +msgid "Create user's directory if it does not exist" +msgstr "Utworzy katalog użytkownika, jeśli nie istnieje" -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "Maksymalnie dozwolona liczba zagnieżdżonych kontenerów" +#: src/tools/sss_useradd.c:55 +msgid "Never create user's directory, overrides config" +msgstr "Nigdy nie tworzy katalogu użytkownika, zastępuje konfigurację" -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "Maksymalna liczba przechowywanych haseł" +#: src/tools/sss_useradd.c:56 +msgid "Specify an alternative skeleton directory" +msgstr "Proszę podać alternatywny katalog szkieletu" -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "Maksymalna liczba haseł przechowywanych na UID" +#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 +msgid "The SELinux user for user's login" +msgstr "Użytkownik SELinuksa dla loginu użytkownika" -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "Maksymalny rozmiar ładunku hasła w kilobajtach" +#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 +#: src/tools/sss_usermod.c:92 +msgid "Specify group to add to\n" +msgstr "Proszę podać grupę, do której dodać\n" -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "Adres URL Custodia, który serwer nasłuchuje" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "Metoda używana podczas uwierzytelniania z serwerem Custodia" +#: src/tools/sss_useradd.c:111 +msgid "Specify user to add\n" +msgstr "Proszę podać użytkownika do dodania\n" -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" -"Nazwa nagłówków dodawanych do żądania HTTP z wartością określoną " -"w auth_header_value" +#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 +#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 +#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 +#: src/tools/sss_usermod.c:162 +msgid "Error initializing the tools - no local domain\n" +msgstr "Błąd podczas inicjowania narzędzi — brak lokalnej domeny\n" -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "Wartość, którą sssd-secrets używałoby dla auth_header_name" +#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 +#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 +#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 +#: src/tools/sss_usermod.c:164 +msgid "Error initializing the tools\n" +msgstr "Błąd podczas inicjowania narzędzi\n" -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "Lista nagłówków do przekazania do serwera Custodia razem z żądaniem" +#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 +#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 +#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 +#: src/tools/sss_usermod.c:173 +msgid "Invalid domain specified in FQDN\n" +msgstr "Podano nieprawidłową domenę w FQDN\n" -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" -"Nazwa użytkownika używana podczas uwierzytelniania z serwerem Custodia za " -"pomocą basic_auth" +#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 +#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 +#: src/tools/sss_usermod.c:226 +msgid "Internal error while parsing parameters\n" +msgstr "Wewnętrzny błąd podczas przetwarzania parametrów\n" -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" -"Hasło używane podczas uwierzytelniania z serwerem Custodia za pomocą " -"basic_auth" +#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 +#: src/tools/sss_usermod.c:235 +msgid "Groups must be in the same domain as user\n" +msgstr "Grupy muszą być w tej samej domenie co użytkownik\n" -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" -"Czy certyfikat prawdziwego partnera jest weryfikowany, jeśli proxy_url używa " -"protokołu HTTPS" +#: src/tools/sss_useradd.c:159 +#, c-format +msgid "Cannot find group %1$s in local domain\n" +msgstr "Nie można odnaleźć grupy %1$s w lokalnej domenie\n" -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" -"Czy certyfikat fałszywego partnera może zawierać inną nazwę komputera niż " -"proxy_url, kiedy używany jest protokół HTTPS" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "Ścieżka do katalogu z certyfikatami CA" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "Ścieżka do pliku zawierającego certyfikat CA serwera" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "Ścieżka do pliku zawierającego certyfikat klienta" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "Ścieżka do pliku zawierającego klucz prywatny klienta" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Dostawca tożsamości" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Dostawca uwierzytelniania" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Dostawca kontroli dostępu" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Dostawca zmiany hasła" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "Dostawca SUDO" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "Dostawca Autofs" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "Dostawca tożsamości komputera" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "Dostawca SELinuksa" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "Dostawca zarządzania sesją" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "Czy domena jest używalna przez system operacyjny lub aplikacje" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Minimalny identyfikator użytkownika" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Maksymalny identyfikator użytkownika" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Włącza wyliczanie wszystkich użytkowników/grup" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Dane uwierzytelniające pamięci podręcznej dla logowań w trybie offline" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Wyświetla użytkowników/grupy w pełni kwalifikowanej formie" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "Bez dołączania członków grup w wyszukiwaniach grup" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Czas oczekiwania pamięci podręcznej wpisów (sekundy)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" -"Ogranicza lub preferuje podaną rodzinę adresów podczas wykonywania " -"wyszukiwań DNS" +#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 +msgid "Cannot set default values\n" +msgstr "Nie można ustawić domyślnych wartości\n" -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" -"Jak długo utrzymywać wpisy logowania w pamięci podręcznej po ostatnim udanym " -"zalogowaniu (dni)" +#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 +msgid "The selected UID is outside the allowed range\n" +msgstr "Wybrany UID jest spoza dozwolonego zakresu\n" -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" -"Jak długo SSSD ma komunikować się z jednym serwerem DNS przed spróbowaniem " -"następnego serwera (milisekundy)" +#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 +msgid "Cannot set SELinux login context\n" +msgstr "Nie można ustawić kontekstu loginu SELinuksa\n" -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "Jak długo próbować rozwiązać jedno zapytanie DNS (sekundy)" +#: src/tools/sss_useradd.c:224 +msgid "Cannot get info about the user\n" +msgstr "Nie można uzyskać informacji o użytkowniku\n" -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" +#: src/tools/sss_useradd.c:236 +msgid "User's home directory already exists, not copying data from skeldir\n" msgstr "" -"Jak długo czekać na odpowiedzi od serwera DNS podczas rozwiązywania serwerów " -"(sekundy)" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "Część domeny zapytania DNS wykrywania usługi" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "Zastępuje wartość GID z dostawcy tożsamości tą wartością" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "Rozróżnianie wielkości liter w nazwach użytkowników" +"Katalog domowy użytkownika już istnieje, dane z katalogu szkieletu nie " +"zostaną skopiowane\n" -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "Jak często odświeżać w tle wygasłe wpisy" +#: src/tools/sss_useradd.c:239 +#, c-format +msgid "Cannot create user's home directory: %1$s\n" +msgstr "Nie można utworzyć katalogu domowego użytkownika: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "Czy automatycznie aktualizować wpis DNS klienta" +#: src/tools/sss_useradd.c:250 +#, c-format +msgid "Cannot create user's mail spool: %1$s\n" +msgstr "Nie można utworzyć buforu poczty użytkownika: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "TTL do zastosowania do wpisu DNS klienta po jego zaktualizowaniu" +#: src/tools/sss_useradd.c:270 +msgid "Could not allocate ID for the user - domain full?\n" +msgstr "" +"Nie można przydzielić identyfikatora użytkownikowi — czy domena jest pełna?\n" -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" +#: src/tools/sss_useradd.c:274 +msgid "A user or group with the same name or ID already exists\n" msgstr "" -"Interfejs, którego adres IP ma być używany do dynamicznych aktualizacji DNS" +"Użytkownik lub grupa o tej samej nazwie lub identyfikatorze już istnieje\n" -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "Jak często okresowo aktualizować wpis DNS klienta" +#: src/tools/sss_useradd.c:280 +msgid "Transaction error. Could not add user.\n" +msgstr "Błąd transakcji. Nie można dodać użytkownika.\n" -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "Określa, czy dostawca ma aktualizować także wpis PTR" +#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 +msgid "The GID of the group" +msgstr "GID grupy" -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "Określa, czy narzędzie nsupdate ma domyślnie używać portu TCP" +#: src/tools/sss_groupadd.c:76 +msgid "Specify group to add\n" +msgstr "Proszę podać grupę do dodania\n" -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" -"Jakiego rodzaju uwierzytelnianie ma być używane do wykonywania aktualizacji " -"DNS" +#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 +msgid "The selected GID is outside the allowed range\n" +msgstr "Wybrany GID jest spoza dozwolonego zakresu\n" -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "Zastępuje serwer DNS używany do wykonywania aktualizacji DNS" +#: src/tools/sss_groupadd.c:143 +msgid "Could not allocate ID for the group - domain full?\n" +msgstr "Nie można przydzielić identyfikatora grupie — czy domena jest pełna?\n" -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "Kontrola wyliczania zaufanych domen" +#: src/tools/sss_groupadd.c:147 +msgid "A group with the same name or GID already exists\n" +msgstr "Grupa o tej samej nazwie lub GID już istnieje\n" -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "Jak często odświeżać listę poddomen" +#: src/tools/sss_groupadd.c:153 +msgid "Transaction error. Could not add group.\n" +msgstr "Błąd transakcji. Nie można dodać grupy.\n" -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "Lista opcji dziedziczonych przez poddomenę" +#: src/tools/sss_groupdel.c:70 +msgid "Specify group to delete\n" +msgstr "Proszę podać grupę do usunięcia\n" -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "Domyślna wartość katalogu domowego poddomeny" +#: src/tools/sss_groupdel.c:104 +#, c-format +msgid "Group %1$s is outside the defined ID range for domain\n" +msgstr "Grupa %1$s jest poza określonym zakresem identyfikatorów dla domeny\n" -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" +#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 +#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 +#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 +#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 +#, c-format +msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" msgstr "" -"Jak długo dane uwierzytelniania w pamięci podręcznej mogą być używane do " -"uwierzytelniania w pamięci podręcznej" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "Czy automatycznie tworzyć prywatne grupy dla użytkowników" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "Domena IPA" +"Żądanie NSS się nie powiodło (%1$d). Wpis może zostać w pamięci podręcznej.\n" -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "Adres serwera IPA" +#: src/tools/sss_groupdel.c:132 +msgid "" +"No such group in local domain. Removing groups only allowed in local " +"domain.\n" +msgstr "" +"Nie ma takiej grupy w lokalnej domenie. Usuwanie grup jest dozwolone tylko " +"w lokalnej domenie.\n" -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "Adres zapasowego serwera IPA" +#: src/tools/sss_groupdel.c:137 +msgid "Internal error. Could not remove group.\n" +msgstr "Wewnętrzny błąd. Nie można usunąć grupy.\n" -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "Nazwa komputera klienta IPA" +#: src/tools/sss_groupmod.c:44 +msgid "Groups to add this group to" +msgstr "Grupy, do których dodać tę grupę" -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" -"Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA" +#: src/tools/sss_groupmod.c:46 +msgid "Groups to remove this group from" +msgstr "Grupy, z których usunąć tę grupę" -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "Podstawa wyszukiwania pod kątem obiektów związanych z HBAC" +#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 +msgid "Specify group to remove from\n" +msgstr "Proszę podać grupę, z której usunąć\n" -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "Czas między wyszukiwaniami reguł HBAC w serwerze IPA" +#: src/tools/sss_groupmod.c:101 +msgid "Specify group to modify\n" +msgstr "Proszę podać grupę do zmodyfikowania\n" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/tools/sss_groupmod.c:130 msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "Czas w sekundach między wyszukiwaniami map SELinuksa w serwerze IPA" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" +"Cannot find group in local domain, modifying groups is allowed only in local " +"domain\n" msgstr "" -"Jeśli ustawiono na fałsz, to parametr komputera podany przez PAM zostanie " -"zignorowany" +"Nie można odnaleźć grupy w lokalnej domenie, modyfikowanie grup jest " +"dozwolone tylko w lokalnej domenie\n" -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "Położenie automountera, którego używa ten klient IPA" +#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 +msgid "Member groups must be in the same domain as parent group\n" +msgstr "Członkowie grupy muszą być w tej samej domenie co grupa nadrzędna\n" -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" +#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 +#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 +#, c-format +msgid "" +"Cannot find group %1$s in local domain, only groups in local domain are " +"allowed\n" msgstr "" -"Podstawa wyszukiwania dla obiektów zawierających informacje o domenie IPA" +"Nie można odnaleźć grupy %1$s w lokalnej domenie, tylko grupy w lokalnej " +"domenie są dozwolone\n" -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" +#: src/tools/sss_groupmod.c:257 +msgid "Could not modify group - check if member group names are correct\n" msgstr "" -"Podstawa wyszukiwania dla obiektów zawierających informacje o zakresach " -"identyfikatorów" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "Włącza witryny DNS — wykrywanie usług na podstawie położenia" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "Podstawa wyszukiwania dla widoku kontenerów" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "Klasa obiektu dla widoku kontenerów" +"Nie można zmodyfikować grupy — proszę sprawdzić, czy nazwy członków grupy są " +"poprawne\n" -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "Atrybut z nazwą widoku" +#: src/tools/sss_groupmod.c:261 +msgid "Could not modify group - check if groupname is correct\n" +msgstr "" +"Nie można zmodyfikować grupy — proszę sprawdzić, czy nazwa grupy jest " +"poprawna\n" -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "Klasa obiektu dla obiektów zastępowania" +#: src/tools/sss_groupmod.c:265 +msgid "Transaction error. Could not modify group.\n" +msgstr "Błąd transakcji. Nie można zmodyfikować grupy.\n" -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "Atrybut z odniesieniem do pierwotnego obiektu" +#: src/tools/sss_groupshow.c:616 +msgid "Magic Private " +msgstr "Prywatne magic " -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "Klasa obiektu dla obiektów zastępowania użytkownika" +#: src/tools/sss_groupshow.c:615 +#, c-format +msgid "%1$s%2$sGroup: %3$s\n" +msgstr "%1$s%2$sGrupa: %3$s\n" -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "Klasa obiektów dla obiektów zastępowania grup" +#: src/tools/sss_groupshow.c:618 +#, c-format +msgid "%1$sGID number: %2$d\n" +msgstr "%1$sNumer GID: %2$d\n" -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "Podstawa wyszukiwania pod kątem obiektów związanych z profilem pulpitu" +#: src/tools/sss_groupshow.c:620 +#, c-format +msgid "%1$sMember users: " +msgstr "%1$sUżytkownicy będący członkami: " -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/tools/sss_groupshow.c:627 +#, c-format msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" +"\n" +"%1$sIs a member of: " msgstr "" -"Czas w sekundach między wyszukiwaniami reguł profilu pulpitu w serwerze IPA" +"\n" +"%1$sJest członkiem: " -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/tools/sss_groupshow.c:634 +#, c-format msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" +"\n" +"%1$sMember groups: " msgstr "" -"Czas w minutach między wyszukiwaniami reguł profilów pulpitu w serwerze IPA, " -"kiedy ostatnie żądanie nie odnalazło żadnej reguły" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "Domena Active Directory" +"\n" +"%1$sGrupy będące członkami: " -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "Włączone domeny Active Directory" +#: src/tools/sss_groupshow.c:670 +msgid "Print indirect group members recursively" +msgstr "Rekursywnie drukuje niebezpośrednich członków grupy" -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "Adres serwera Active Directory" +#: src/tools/sss_groupshow.c:704 +msgid "Specify group to show\n" +msgstr "Proszę podać grupę do wyświetlenia\n" -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "Adres zapasowego serwera Active Directory" +#: src/tools/sss_groupshow.c:744 +msgid "" +"No such group in local domain. Printing groups only allowed in local " +"domain.\n" +msgstr "" +"Nie ma takiej grupy w lokalnej domenie. Drukowanie grup jest dozwolone tylko " +"w lokalnej domenie.\n" -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "Nazwa komputera klienta Active Directory" +#: src/tools/sss_groupshow.c:749 +msgid "Internal error. Could not print group.\n" +msgstr "Wewnętrzny błąd. Nie można wydrukować grupy.\n" -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "Filtr LDAP do określenia uprawnień dostępu" +#: src/tools/sss_userdel.c:138 +msgid "Remove home directory and mail spool" +msgstr "Usuwa katalog domowy i bufor poczty" -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "Czy używać Global Catalog do wyszukiwań" +#: src/tools/sss_userdel.c:140 +msgid "Do not remove home directory and mail spool" +msgstr "Nie usuwa katalogu domowego i bufora poczty" -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "Tryb działania dla kontroli dostępu opartej na GPO" +#: src/tools/sss_userdel.c:142 +msgid "Force removal of files not owned by the user" +msgstr "Wymusza usunięcie plików, których właścicielem nie jest użytkownik" -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "Czas między wyszukiwaniami plików polityki GPO w serwerze AD" +#: src/tools/sss_userdel.c:144 +msgid "Kill users' processes before removing him" +msgstr "Usuwa procesy użytkownika przed jego usunięciem" -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" -"Nazwy usług PAM mapujących do ustawień polityki GPO " -"(Deny)InteractiveLogonRight" +#: src/tools/sss_userdel.c:190 +msgid "Specify user to delete\n" +msgstr "Proszę podać użytkownika do usunięcia\n" -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" +#: src/tools/sss_userdel.c:236 +#, c-format +msgid "User %1$s is outside the defined ID range for domain\n" msgstr "" -"Nazwy usług PAM mapujących do ustawień polityki GPO " -"(Deny)RemoteInteractiveLogonRight" +"Użytkownik %1$s jest poza określonym zakresem identyfikatorów dla domeny\n" -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" -"Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)NetworkLogonRight" +#: src/tools/sss_userdel.c:261 +msgid "Cannot reset SELinux login context\n" +msgstr "Nie można przywrócić kontekstu loginu SELinuksa\n" -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" +#: src/tools/sss_userdel.c:273 +#, c-format +msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" msgstr "" -"Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)BatchLogonRight" +"OSTRZEŻENIE: użytkownik (UID %1$lu) był zalogowany podczas jego usunięcia.\n" -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" -"Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)ServiceLogonRight" +#: src/tools/sss_userdel.c:278 +msgid "Cannot determine if the user was logged in on this platform" +msgstr "Nie można określić, czy użytkownik był zalogowany na tej platformie" -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" -"Nazwy usług PAM, dla których zawsze udzielany jest dostęp oparty na GPO" +#: src/tools/sss_userdel.c:283 +msgid "Error while checking if the user was logged in\n" +msgstr "Błąd podczas sprawdzania, czy użytkownik był zalogowany\n" -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" -"Nazwy usług PAM, dla których zawsze odmawiany jest dostęp oparty na GPO" +#: src/tools/sss_userdel.c:290 +#, c-format +msgid "The post-delete command failed: %1$s\n" +msgstr "Polecenie po usunięciu nie powiodło się: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" +#: src/tools/sss_userdel.c:310 +msgid "Not removing home dir - not owned by user\n" msgstr "" -"Domyślne uprawnienie logowania (lub zezwolenie/odmowa) do użycia dla " -"niemapowanych nazw usług PAM" +"Katalog domowy nie zostanie usunięty — użytkownik nie jest właścicielem\n" -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "konkretna strona używana przez klienta" +#: src/tools/sss_userdel.c:312 +#, c-format +msgid "Cannot remove homedir: %1$s\n" +msgstr "Nie można usunąć katalogu domowego: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/tools/sss_userdel.c:326 msgid "" -"Maximum age in days before the machine account password should be renewed" +"No such user in local domain. Removing users only allowed in local domain.\n" msgstr "" -"Maksymalny wiek w dniach przed wymaganiem odnowienia hasła konta komputera" +"Nie ma takiego użytkownika w lokalnej domenie. Usuwanie użytkowników jest " +"dozwolone tylko w lokalnej domenie.\n" + +#: src/tools/sss_userdel.c:331 +msgid "Internal error. Could not remove user.\n" +msgstr "Wewnętrzny błąd. Nie można usunąć użytkownika.\n" -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "Opcja dostrajania zadania odnawiania konta komputera" +#: src/tools/sss_usermod.c:49 +msgid "The GID of the user" +msgstr "GID użytkownika" -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Adres serwera Kerberos" +#: src/tools/sss_usermod.c:53 +msgid "Groups to add this user to" +msgstr "Grupy, do których dodać tego użytkownika" -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "Adres zapasowego serwera Kerberos" +#: src/tools/sss_usermod.c:54 +msgid "Groups to remove this user from" +msgstr "Grupy, z których usunąć tego użytkownika" -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Obszar Kerberos" +#: src/tools/sss_usermod.c:55 +msgid "Lock the account" +msgstr "Zablokowanie konta" -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Czas oczekiwania na uwierzytelnienie" +#: src/tools/sss_usermod.c:56 +msgid "Unlock the account" +msgstr "Odblokowanie konta" -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "Określa, czy tworzyć pliki kdcinfo" +#: src/tools/sss_usermod.c:57 +msgid "Add an attribute/value pair. The format is attrname=value." +msgstr "Dodaje parę atrybut/wartość. Format to nazwaatrybutu=wartość." -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "Gdzie umieścić wstawki konfiguracji krb5" +#: src/tools/sss_usermod.c:58 +msgid "Delete an attribute/value pair. The format is attrname=value." +msgstr "Usuwa parę atrybut/wartość. Format to nazwaatrybutu=wartość." -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" +#: src/tools/sss_usermod.c:59 +msgid "" +"Set an attribute to a name/value pair. The format is attrname=value. For " +"multi-valued attributes, the command replaces the values already present" msgstr "" -"Katalog do przechowywania pamięci podręcznych danych uwierzytelniających" +"Ustawia atrybut pary nazwa/wartość. Format to nazwaatrybutu=wartość. " +"W przypadku atrybutów o wielu wartościach polecenie zastępuje obecne już " +"wartości" -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Położenie pamięci podręcznej danych uwierzytelniających użytkownika" +#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 +#: src/tools/sss_usermod.c:135 +msgid "Specify the attribute name/value pair(s)\n" +msgstr "Podaje atrybuty parom nazwa/atrybut\n" -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Położenie tablicy kluczy do sprawdzania danych uwierzytelniających" +#: src/tools/sss_usermod.c:152 +msgid "Specify user to modify\n" +msgstr "Proszę podać użytkownika do zmodyfikowania\n" -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Włącza sprawdzanie danych uwierzytelniających" +#: src/tools/sss_usermod.c:180 +msgid "" +"Cannot find user in local domain, modifying users is allowed only in local " +"domain\n" +msgstr "" +"Nie można odnaleźć użytkownika w lokalnej domenie, modyfikowanie " +"użytkowników jest dozwolone tylko w lokalnej domenie\n" -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" +#: src/tools/sss_usermod.c:322 +msgid "Could not modify user - check if group names are correct\n" msgstr "" -"Przechowuje hasło, jeśli w trybie offline do późniejszego uwierzytelnienia " -"w trybie online" +"Nie można zmodyfikować użytkownika — proszę sprawdzić, czy nazwy grup są " +"poprawne\n" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "Odnawialny czas trwania TGT" +#: src/tools/sss_usermod.c:326 +msgid "Could not modify user - user already member of groups?\n" +msgstr "" +"Nie można zmodyfikować użytkownika — czy użytkownik jest już członkiem " +"grup?\n" -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "Czas trwania TGT" +#: src/tools/sss_usermod.c:330 +msgid "Transaction error. Could not modify user.\n" +msgstr "Błąd transakcji. Nie można zmodyfikować użytkownika.\n" -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "Czas między dwoma sprawdzaniami odnowy" +#: src/tools/sss_cache.c:245 +msgid "No cache object matched the specified search\n" +msgstr "Żaden obiekt pamięci podręcznej nie pasuje do podanego wyszukiwania\n" -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "Włącza FAST" +#: src/tools/sss_cache.c:536 +#, c-format +msgid "Couldn't invalidate %1$s\n" +msgstr "Nie można unieważnić %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "Wybiera naczelnika do użycia dla FAST" +#: src/tools/sss_cache.c:543 +#, c-format +msgid "Couldn't invalidate %1$s %2$s\n" +msgstr "Nie można unieważnić %1$s %2$s\n" -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "Włącza ujednolicanie naczelnika" +#: src/tools/sss_cache.c:721 +msgid "Invalidate all cached entries" +msgstr "Unieważnia wszystkie wpisy w pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "Włącza naczelników enterprise" +#: src/tools/sss_cache.c:723 +msgid "Invalidate particular user" +msgstr "Unieważnia podanego użytkownika" -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "Mapa nazw użytkowników do nazw naczelników Kerberos" +#: src/tools/sss_cache.c:725 +msgid "Invalidate all users" +msgstr "Unieważnia wszystkich użytkowników" -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" -"Serwer, w którym jest uruchomiona usługa zmiany haseł, jeśli nie znajduje " -"się w KDC" +#: src/tools/sss_cache.c:727 +msgid "Invalidate particular group" +msgstr "Unieważnia podaną grupę" -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, adres URI serwera LDAP" +#: src/tools/sss_cache.c:729 +msgid "Invalidate all groups" +msgstr "Unieważnia wszystkie grupy" -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "ldap_backup_uri, adres URI serwera LDAP" +#: src/tools/sss_cache.c:731 +msgid "Invalidate particular netgroup" +msgstr "Unieważnia podaną grupę sieciową" -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "Domyślna podstawowa DN" +#: src/tools/sss_cache.c:733 +msgid "Invalidate all netgroups" +msgstr "Unieważnia wszystkie grupy sieciowe" -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Typ Schema do użycia na serwerze LDAP, RFC2307" +#: src/tools/sss_cache.c:735 +msgid "Invalidate particular service" +msgstr "Unieważnia podaną usługę" -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "Tryb używany do zmiany hasła użytkownika" +#: src/tools/sss_cache.c:737 +msgid "Invalidate all services" +msgstr "Unieważnia wszystkie usługi" -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "Domyślne DN dowiązania" +#: src/tools/sss_cache.c:740 +msgid "Invalidate particular autofs map" +msgstr "Unieważnia podaną mapę autofs" -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "Typ tokenu uwierzytelniania domyślnego DN dowiązania" +#: src/tools/sss_cache.c:742 +msgid "Invalidate all autofs maps" +msgstr "Unieważnia wszystkie mapy autofs" -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "Token uwierzytelniania domyślnego DN dowiązania" +#: src/tools/sss_cache.c:746 +msgid "Invalidate particular SSH host" +msgstr "Unieważnia konkretny komputer SSH" -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Czas do próby połączenia" +#: src/tools/sss_cache.c:748 +msgid "Invalidate all SSH hosts" +msgstr "Unieważnia wszystkie komputery SSH" -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Czas do próby synchronicznych działań LDAP" +#: src/tools/sss_cache.c:752 +msgid "Invalidate particular sudo rule" +msgstr "Unieważnia podaną regułę sudo" -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "Czas między próbami ponownego połączenia w trybie offline" +#: src/tools/sss_cache.c:754 +msgid "Invalidate all cached sudo rules" +msgstr "Unieważnia wszystkie reguły sudo w pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "Użycie tylko wielkich znaków w nazwach obszarów" +#: src/tools/sss_cache.c:757 +msgid "Only invalidate entries from a particular domain" +msgstr "Unieważnia wpisy tylko z podanej domeny" -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Plik zawierający certyfikaty CA" +#: src/tools/sss_cache.c:811 +msgid "" +"Unexpected argument(s) provided, options that invalidate a single object " +"only accept a single provided argument.\n" +msgstr "" +"Podano nieoczekiwane parametry, opcje unieważniające jeden obiekt przyjmują " +"tylko jeden podany parametr.\n" -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Ścieżka do katalogu certyfikatów CA" +#: src/tools/sss_cache.c:821 +msgid "Please select at least one object to invalidate\n" +msgstr "Proszę wybrać co najmniej jeden obiekt do unieważnienia\n" -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "Plik zawierający certyfikat klienta" +#: src/tools/sss_cache.c:904 +#, c-format +msgid "" +"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " +"use fully qualified name instead of --domain/-d parameter.\n" +msgstr "" +"Nie można otworzyć domeny %1$s. Jeśli domena jest poddomeną (zaufaną " +"domeną), należy użyć w pełni kwalifikowanej nazwy zamiast parametru --" +"domain/-d.\n" -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "Plik zawierający klucz klienta" +#: src/tools/sss_cache.c:909 +msgid "Could not open available domains\n" +msgstr "Nie można otworzyć dostępnych domen\n" -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "Lista możliwych zestawów szyfrów" +#: src/tools/tools_util.c:202 +#, c-format +msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" +msgstr "Nazwa „%1$s” nie jest FQDN (ustawione jest „%2$s = TRUE”)\n" -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Wymaga sprawdzenia certyfikatu TLS" +#: src/tools/tools_util.c:309 +msgid "Out of memory\n" +msgstr "Brak pamięci\n" -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Podaje używany mechanizm SASL" +#: src/tools/tools_util.h:40 +#, c-format +msgid "%1$s must be run as root\n" +msgstr "%1$s musi zostać uruchomione jako root\n" -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Podaje używany identyfikator upoważnienia SASL" +#: src/tools/sssctl/sssctl.c:35 +msgid "yes" +msgstr "tak" -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "Podaje obszar upoważnienia SASL do użycia" +#: src/tools/sssctl/sssctl.c:37 +msgid "no" +msgstr "nie" -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "Podaje minimalne SSF dla upoważnienia sasl LDAP" +#: src/tools/sssctl/sssctl.c:39 +msgid "error" +msgstr "błąd" -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Tablica kluczy usługi Kerberos" +#: src/tools/sssctl/sssctl.c:42 +msgid "Invalid result." +msgstr "Nieprawidłowy wynik." -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Używa uwierzytelniania Kerberos dla połączenia LDAP" +#: src/tools/sssctl/sssctl.c:78 +msgid "Unable to read user input\n" +msgstr "Nie można odczytać wejścia użytkownika\n" -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Podąża za odsyłaniami LDAP" +#: src/tools/sssctl/sssctl.c:91 +#, c-format +msgid "Invalid input, please provide either '%s' or '%s'.\n" +msgstr "Nieprawidłowe wejście, proszę podać „%s” lub „%s”.\n" -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "Czas trwania TGT dla połączenia LDAP" +#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 +msgid "Error while executing external command\n" +msgstr "Błąd podczas wykonywania polecenia zewnętrznego\n" -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "Jak wskazywać aliasy" +#: src/tools/sssctl/sssctl.c:156 +msgid "SSSD needs to be running. Start SSSD now?" +msgstr "Usługa SSSD musi być uruchomiona. Uruchomić ją teraz?" -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "Nazwa usługi do wyszukiwań usługi DNS" +#: src/tools/sssctl/sssctl.c:195 +msgid "SSSD must not be running. Stop SSSD now?" +msgstr "Usługa SSSD nie może być uruchomiona. Zatrzymać ją teraz?" -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "Liczba wpisów do pobrania w jednym zapytaniu LDAP" +#: src/tools/sssctl/sssctl.c:231 +msgid "SSSD needs to be restarted. Restart SSSD now?" +msgstr "Usługa SSSD musi zostać ponownie uruchomiona. Zrobić to teraz?" -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "Suma liczb, których musi brakować, aby wywołać pełne „deref”" +#: src/tools/sssctl/sssctl_cache.c:31 +#, c-format +msgid " %s is not present in cache.\n" +msgstr " %s nie jest w pamięci podręcznej.\n" -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" -"Określa, czy biblioteka LDAP ma wykonywać odwrotne wyszukanie, aby " -"ujednolicić nazwę komputera podczas dowiązania SASL" +#: src/tools/sssctl/sssctl_cache.c:33 +msgid "Name" +msgstr "Nazwa" -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "Atrybut entryUSN" +#: src/tools/sssctl/sssctl_cache.c:34 +msgid "Cache entry creation date" +msgstr "Data utworzenia wpisu pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "Atrybut lastUSN" +#: src/tools/sssctl/sssctl_cache.c:35 +msgid "Cache entry last update time" +msgstr "Czas ostatniej aktualizacji wpisu pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "Jak długo utrzymywać połączenie z serwerem LDAP przed rozłączeniem" +#: src/tools/sssctl/sssctl_cache.c:36 +msgid "Cache entry expiration time" +msgstr "Czas wygaśnięcia wpisu pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "Wyłącza kontrolę stronicowania LDAP" +#: src/tools/sssctl/sssctl_cache.c:37 +msgid "Cached in InfoPipe" +msgstr "Umieszczono w pamięci podręcznej w InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "Wyłącza pobieranie zakresu Active Directory" +#: src/tools/sssctl/sssctl_cache.c:522 +#, c-format +msgid "Error: Unable to get object [%d]: %s\n" +msgstr "Błąd: nie można uzyskać obiektu [%d]: %s\n" -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Czas oczekiwania na żądanie wyszukiwania" +#: src/tools/sssctl/sssctl_cache.c:538 +#, c-format +msgid "%s: Unable to read value [%d]: %s\n" +msgstr "%s: nie można odczytać wartości [%d]: %s\n" -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "Czas oczekiwania na żądanie wyliczenia" +#: src/tools/sssctl/sssctl_cache.c:566 +msgid "Specify name." +msgstr "Należy podać nazwę." -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Czas między aktualizacjami wyliczania" +#: src/tools/sssctl/sssctl_cache.c:576 +#, c-format +msgid "Unable to parse name %s.\n" +msgstr "Nie można przetworzyć nazwy %s.\n" -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "Czas między czyszczeniem pamięci podręcznej" +#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 +msgid "Search by SID" +msgstr "Wyszukuje według SID" -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "Wymaga TLS dla wyszukiwania identyfikatorów" +#: src/tools/sssctl/sssctl_cache.c:603 +msgid "Search by user ID" +msgstr "Wyszukuje według identyfikatorów użytkowników" -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" -"Używa mapowania identyfikatorów objectSID zamiast uprzednio ustawionych " -"identyfikatorów" +#: src/tools/sssctl/sssctl_cache.c:612 +msgid "Initgroups expiration time" +msgstr "Czas wygaśnięcia grup inicjacji" -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "Podstawowe DN dla wyszukiwania użytkowników" +#: src/tools/sssctl/sssctl_cache.c:650 +msgid "Search by group ID" +msgstr "Wyszukuje według identyfikatorów grup" -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Zakres wyszukiwania użytkowników" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Filtruje wyszukiwania użytkowników" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Klasa obiektów dla użytkowników" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Atrybut nazwy użytkownika" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "Atrybut UID" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Pierwszy atrybut GID" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "Atrybut GECOS" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Atrybut katalogu domowego" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Atrybut powłoki" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "Atrybut UUID" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "Atrybut objectSID" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "Atrybut głównej grupy Active Directory dla mapowania identyfikatorów" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Atrybut głównego użytkownika (dla Kerberos)" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Imię i nazwisko" +#: src/tools/sssctl/sssctl_config.c:70 +#, c-format +msgid "Failed to open %s\n" +msgstr "Otwarcie %s się nie powiodło\n" -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "Atrybut memberOf" +#: src/tools/sssctl/sssctl_config.c:75 +#, c-format +msgid "File %1$s does not exist.\n" +msgstr "Plik %1$s nie istnieje.\n" -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Atrybut czasu modyfikacji" +#: src/tools/sssctl/sssctl_config.c:79 +msgid "" +"File ownership and permissions check failed. Expected root:root and 0600.\n" +msgstr "" +"Sprawdzenie właściciela i uprawnień pliku się nie powiodło. Oczekiwano root:" +"root i 0600.\n" -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "Atrybut shadowLastChange" +#: src/tools/sssctl/sssctl_config.c:85 +#, fuzzy, c-format +msgid "Failed to load configuration from %s.\n" +msgstr "Wczytanie konfiguracji z %s się nie powiodło.\n" -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "Atrybut shadowMin" +#: src/tools/sssctl/sssctl_config.c:91 +msgid "Error while reading configuration directory.\n" +msgstr "Błąd podczas odczytywania katalogu konfiguracji.\n" -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "Atrybut shadowMax" +#: src/tools/sssctl/sssctl_config.c:99 +msgid "" +"There is no configuration. SSSD will use default configuration with files " +"provider.\n" +msgstr "" +"Nie ma konfiguracji. Usługa SSSD użyje domyślnej konfiguracji z dostawcą " +"plików.\n" -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "Atrybut shadowWarning" +#: src/tools/sssctl/sssctl_config.c:111 +msgid "Failed to run validators" +msgstr "Uruchomienie programów sprawdzających poprawność się nie powiodło" -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "Atrybut shadowInactive" +#: src/tools/sssctl/sssctl_config.c:115 +#, c-format +msgid "Issues identified by validators: %zu\n" +msgstr "Problemy zidentyfikowane przez programy sprawdzające poprawność: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "Atrybut shadowExpire" +#: src/tools/sssctl/sssctl_config.c:126 +#, c-format +msgid "Messages generated during configuration merging: %zu\n" +msgstr "Komunikaty utworzone podczas łączenia konfiguracji: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "Atrybut shadowFlag" +#: src/tools/sssctl/sssctl_config.c:137 +#, c-format +msgid "Used configuration snippet files: %zu\n" +msgstr "Użyte pliki wstawek konfiguracji: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "Atrybut zawierający listę upoważnionych usług PAM" +#: src/tools/sssctl/sssctl_data.c:89 +#, c-format +msgid "Unable to create backup directory [%d]: %s" +msgstr "Nie można utworzyć katalogu kopii zapasowej [%d]: %s" -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "Atrybut zawierający listę upoważnionych komputerów serwerowych" +#: src/tools/sssctl/sssctl_data.c:95 +msgid "SSSD backup of local data already exists, override?" +msgstr "Kopia zapasowa SSSD lokalnych danych już istnieje, zastąpić?" -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "Atrybut zawierający listę upoważnionych rhosts serwera" +#: src/tools/sssctl/sssctl_data.c:111 +msgid "Unable to export user overrides\n" +msgstr "Nie można wyeksportować zastąpień użytkownika\n" -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "Atrybut krbLastPwdChange" +#: src/tools/sssctl/sssctl_data.c:118 +msgid "Unable to export group overrides\n" +msgstr "Nie można wyeksportować zastąpień grupy\n" -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "Atrybut krbPasswordExpiration" +#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 +msgid "Override existing backup" +msgstr "Zastępuje istniejącą kopię zapasową" -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "Atrybut wskazujący, czy polityki haseł po stronie serwera są aktywne" +#: src/tools/sssctl/sssctl_data.c:164 +msgid "Unable to import user overrides\n" +msgstr "Nie można zaimportować zastąpień użytkownika\n" -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "Atrybut accountExpires AD" +#: src/tools/sssctl/sssctl_data.c:173 +msgid "Unable to import group overrides\n" +msgstr "Nie można zaimportować zastąpień grupy\n" -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "Atrybut userAccountControl AD" +#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 +#: src/tools/sssctl/sssctl_domains.c:328 +msgid "Start SSSD if it is not running" +msgstr "Uruchamia usługę SSSD, jeśli nie jest uruchomiona" -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "Atrybut nsAccountLock" +#: src/tools/sssctl/sssctl_data.c:195 +msgid "Restart SSSD after data import" +msgstr "Ponownie uruchamia usługę SSSD po imporcie danych" -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "Atrybut loginDisabled NDS" +#: src/tools/sssctl/sssctl_data.c:218 +msgid "Create clean cache files and import local data" +msgstr "Tworzy czyste pliki pamięci podręcznej i importuje lokalne dane" -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "Atrybut loginExpirationTime NDS" +#: src/tools/sssctl/sssctl_data.c:219 +msgid "Stop SSSD before removing the cache" +msgstr "Zatrzymuje usługę SSSD przed usunięciem pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "Atrybut loginAllowedTimeMap NDS" +#: src/tools/sssctl/sssctl_data.c:220 +msgid "Start SSSD when the cache is removed" +msgstr "Uruchamia usługę SSSD po usunięciu pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "Atrybut klucza publicznego SSH" +#: src/tools/sssctl/sssctl_data.c:235 +msgid "Creating backup of local data...\n" +msgstr "Tworzenie kopii zapasowej lokalnych danych…\n" -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" +#: src/tools/sssctl/sssctl_data.c:238 +msgid "Unable to create backup of local data, can not remove the cache.\n" msgstr "" -"atrybut zawierający listę dozwolonych typów uwierzytelniania dla użytkownika" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "atrybut zawierający certyfikat X509 użytkownika" +"Nie można utworzyć kopii zapasowej lokalnych danych, nie można usunąć " +"pamięci podręcznej.\n" -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "atrybut zawierający adres e-mail użytkownika" +#: src/tools/sssctl/sssctl_data.c:243 +msgid "Removing cache files...\n" +msgstr "Usuwanie plików pamięci podręcznej…\n" -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "Lista dodatkowych atrybutów do pobrania razem z wpisem użytkownika" +#: src/tools/sssctl/sssctl_data.c:246 +msgid "Unable to remove cache files\n" +msgstr "Nie można usunąć plików pamięci podręcznej\n" -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "Podstawowe DN dla wyszukiwania grup" +#: src/tools/sssctl/sssctl_data.c:251 +msgid "Restoring local data...\n" +msgstr "Przywracanie lokalnych danych…\n" -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "Klasa obiektów dla grup" +#: src/tools/sssctl/sssctl_domains.c:83 +msgid "Show domain list including primary or trusted domain type" +msgstr "Wyświetla listę domen, w tym główny i zaufany typ domeny" -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Nazwa grupy" +#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 +#: src/tools/sssctl/sssctl_user_checks.c:95 +msgid "Unable to connect to system bus!\n" +msgstr "Nie można połączyć się z magistralą systemową.\n" -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Hasło grupy" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Online" +msgstr "Online" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "Atrybut GID" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Offline" +msgstr "Offline" -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "Atrybut elementu grupy" +#: src/tools/sssctl/sssctl_domains.c:167 +#, c-format +msgid "Online status: %s\n" +msgstr "Stan online: %s\n" -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "Atrybut UUID grupy" +#: src/tools/sssctl/sssctl_domains.c:213 +msgid "This domain has no active servers.\n" +msgstr "Ta domena nie ma aktywnych serwerów.\n" -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "Atrybut czasu modyfikacji grup" +#: src/tools/sssctl/sssctl_domains.c:218 +msgid "Active servers:\n" +msgstr "Aktywne serwery:\n" -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "Typ grupy i inne flagi" +#: src/tools/sssctl/sssctl_domains.c:230 +msgid "not connected" +msgstr "nie połączono" -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "Atrybut zewnętrznego członka grupy LDAP" +#: src/tools/sssctl/sssctl_domains.c:267 +msgid "No servers discovered.\n" +msgstr "Nie wykryto żadnych serwerów.\n" -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "Maksymalny poziom zagnieżdżenia, jaki usługa SSSD będzie używała" +#: src/tools/sssctl/sssctl_domains.c:273 +#, c-format +msgid "Discovered %s servers:\n" +msgstr "Wykryte serwery (%s):\n" -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "Podstawowe DN dla wyszukiwania grupy sieciowej" +#: src/tools/sssctl/sssctl_domains.c:285 +msgid "None so far.\n" +msgstr "Jeszcze nic.\n" -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "Klasa obiektów dla grup sieciowych" +#: src/tools/sssctl/sssctl_domains.c:325 +msgid "Show online status" +msgstr "Wyświetla stan online" -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "Nazwa grupy sieciowej" +#: src/tools/sssctl/sssctl_domains.c:326 +msgid "Show information about active server" +msgstr "Wyświetla informacje o aktywnym serwerze" -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "Atrybut elementów grupy sieciowej" +#: src/tools/sssctl/sssctl_domains.c:327 +msgid "Show list of discovered servers" +msgstr "Wyświetla listę wykrytych serwerów" -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "Potrójny atrybut grupy sieciowej" +#: src/tools/sssctl/sssctl_domains.c:333 +msgid "Specify domain name." +msgstr "Należy podać nazwę domeny." -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "Atrybut czasu modyfikacji grup sieciowych" +#: src/tools/sssctl/sssctl_domains.c:355 +msgid "Out of memory!\n" +msgstr "Brak pamięci.\n" -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "Podstawowe DN do wyszukiwania usług" +#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 +msgid "Unable to get online status\n" +msgstr "Nie można uzyskać stanu online\n" -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "Klasa obiektów dla usług" +#: src/tools/sssctl/sssctl_domains.c:395 +msgid "Unable to get server list\n" +msgstr "Nie można uzyskać listy serwerów\n" -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "Atrybut nazwy usługi" +#: src/tools/sssctl/sssctl_logs.c:46 +msgid "\n" +msgstr "\n" -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "Atrybut portu usługi" +#: src/tools/sssctl/sssctl_logs.c:236 +msgid "Delete log files instead of truncating" +msgstr "Usuwa pliki dziennika zamiast ich skracania" -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "Atrybut protokołu usługi" +#: src/tools/sssctl/sssctl_logs.c:247 +msgid "Deleting log files...\n" +msgstr "Usuwanie plików dziennika…\n" -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "Niższa granica dla mapowania identyfikatorów" +#: src/tools/sssctl/sssctl_logs.c:250 +msgid "Unable to remove log files\n" +msgstr "Nie można usunąć plików dziennika\n" -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "Wyższa granica dla mapowania identyfikatorów" +#: src/tools/sssctl/sssctl_logs.c:256 +msgid "Truncating log files...\n" +msgstr "Skracanie plików dziennika…\n" -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" -"Liczba identyfikatorów dla każdego fragmentu podczas mapowania " -"identyfikatorów" +#: src/tools/sssctl/sssctl_logs.c:259 +msgid "Unable to truncate log files\n" +msgstr "Nie można skrócić plików dziennika\n" -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "Używa algorytmu zgodnego z autorid do mapowania identyfikatorów" +#: src/tools/sssctl/sssctl_logs.c:285 +msgid "Out of memory!" +msgstr "Brak pamięci." -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "Nazwa domyślnej domeny dla mapowania identyfikatorów" +#: src/tools/sssctl/sssctl_logs.c:288 +#, c-format +msgid "Archiving log files into %s...\n" +msgstr "Archiwizowanie plików dziennika w %s…\n" -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "SID domyślnej domeny dla mapowania identyfikatorów" +#: src/tools/sssctl/sssctl_logs.c:291 +msgid "Unable to archive log files\n" +msgstr "Nie można zarchiwizować plików dziennika\n" -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "Liczba drugorzędnych fragmentów" +#: src/tools/sssctl/sssctl_logs.c:316 +msgid "Specify debug level you want to set" +msgstr "Podaje poziom debugowania do ustawienia" -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "Czy używać Token-Groups" +#: src/tools/sssctl/sssctl_user_checks.c:117 +msgid "SSSD InfoPipe user lookup result:\n" +msgstr "Wynik wyszukiwania użytkownika InfoPipe usługi SSSD:\n" -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "Ustawia dolną granicę dla dozwolonych identyfikatorów z serwera LDAP" +#: src/tools/sssctl/sssctl_user_checks.c:167 +#, c-format +msgid "dlopen failed with [%s].\n" +msgstr "dlopen się nie powiodło z [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "Ustawia górną granicę dla dozwolonych identyfikatorów z serwera LDAP" +#: src/tools/sssctl/sssctl_user_checks.c:174 +#, c-format +msgid "dlsym failed with [%s].\n" +msgstr "dlsym się nie powiodło z [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "DN dla zapytań polityki" +#: src/tools/sssctl/sssctl_user_checks.c:182 +msgid "malloc failed.\n" +msgstr "malloc się nie powiodło.\n" -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "Ile maksymalnie wpisów pobierać podczas żądania z wieloznacznikiem" +#: src/tools/sssctl/sssctl_user_checks.c:189 +#, c-format +msgid "sss_getpwnam_r failed with [%d].\n" +msgstr "sss_getpwnam_r się nie powiodło z [%d].\n" -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Polityka do oszacowania wygaszenia hasła" +#: src/tools/sssctl/sssctl_user_checks.c:194 +msgid "SSSD nss user lookup result:\n" +msgstr "Wynik wyszukiwania użytkownika NSS usługi SSSD:\n" -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "Które atrybuty mają być używane do sprawdzenia, czy konto wygasło" +#: src/tools/sssctl/sssctl_user_checks.c:195 +#, c-format +msgid " - user name: %s\n" +msgstr " — nazwa użytkownika: %s\n" -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "Które reguły mają być używane do sprawdzania kontroli dostępu" +#: src/tools/sssctl/sssctl_user_checks.c:196 +#, c-format +msgid " - user id: %d\n" +msgstr " — identyfikator użytkownika: %d\n" -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "Adres URI serwera LDAP, gdzie zmiany hasła są dozwolone" +#: src/tools/sssctl/sssctl_user_checks.c:197 +#, c-format +msgid " - group id: %d\n" +msgstr " — identyfikator grupy: %d\n" -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "Adres URI zapasowego serwera LDAP, gdzie zmiany hasła są dozwolone" +#: src/tools/sssctl/sssctl_user_checks.c:198 +#, c-format +msgid " - gecos: %s\n" +msgstr " — GECOS: %s\n" -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "Nazwa usługi DNS serwera zmiany hasła LDAP" +#: src/tools/sssctl/sssctl_user_checks.c:199 +#, c-format +msgid " - home directory: %s\n" +msgstr " — katalog domowy: %s\n" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/tools/sssctl/sssctl_user_checks.c:200 +#, c-format msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" +" - shell: %s\n" +"\n" msgstr "" -"Określa, czy zaktualizować atrybut ldap_user_shadow_last_change po zmianie " -"hasła" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "Podstawowe DN dla wyszukiwań reguł sudo" +" — powłoka: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "Okres między automatycznymi pełnymi odświeżeniami" +#: src/tools/sssctl/sssctl_user_checks.c:232 +msgid "PAM action [auth|acct|setc|chau|open|clos], default: " +msgstr "Działanie PAM [auth|acct|setc|chau|open|clos], domyślnie: " -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "Okres między automatycznymi inteligentnymi odświeżeniami" +#: src/tools/sssctl/sssctl_user_checks.c:235 +msgid "PAM service, default: " +msgstr "Usługa PAM, domyślnie: " -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" -"Określa, czy filtrować reguły według nazwy komputera, adresów IP i sieci" +#: src/tools/sssctl/sssctl_user_checks.c:240 +msgid "Specify user name." +msgstr "Należy podać nazwę użytkownika." -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/tools/sssctl/sssctl_user_checks.c:247 +#, c-format msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" -"Nazwy komputerów lub w pełni kwalifikowane nazwy domen tego komputera do " -"filtrowania reguł sudo" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +"user: %s\n" +"action: %s\n" +"service: %s\n" +"\n" msgstr "" -"Adresy lub sieci IPv4 lub IPv6 tego komputera do filtrowania reguł sudo" +"użytkownik: %s\n" +"działanie: %s\n" +"usługa: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" -"Określa, czy zawierać reguły zawierające grupy sieciowe w atrybucie komputera" +#: src/tools/sssctl/sssctl_user_checks.c:252 +#, c-format +msgid "User name lookup with [%s] failed.\n" +msgstr "Wyszukanie nazwy użytkownika [%s] się nie powiodło.\n" -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" +#: src/tools/sssctl/sssctl_user_checks.c:257 +#, c-format +msgid "InfoPipe User lookup with [%s] failed.\n" +msgstr "InfoPipe Wyszukanie użytkownika z [%s] się nie powiodło.\n" + +#: src/tools/sssctl/sssctl_user_checks.c:263 +#, c-format +msgid "pam_start failed: %s\n" +msgstr "pam_start się nie powiodło: %s\n" + +#: src/tools/sssctl/sssctl_user_checks.c:268 +msgid "" +"testing pam_authenticate\n" +"\n" msgstr "" -"Określa, czy zawierać reguły zawierające wyrażenia regularne w atrybucie " -"komputera" +"testowanie pam_authenticate\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "Klasa obiektów dla reguł sudo" +#: src/tools/sssctl/sssctl_user_checks.c:272 +#, c-format +msgid "pam_get_item failed: %s\n" +msgstr "pam_get_item się nie powiodło: %s\n" -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" +#: src/tools/sssctl/sssctl_user_checks.c:275 +#, c-format +msgid "" +"pam_authenticate for user [%s]: %s\n" +"\n" msgstr "" +"pam_authenticate dla użytkownika [%s]: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "Nazwa reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:278 +msgid "" +"testing pam_chauthtok\n" +"\n" +msgstr "" +"testowanie pam_chauthtok\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "Atrybut polecenia reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:280 +#, c-format +msgid "" +"pam_chauthtok: %s\n" +"\n" +msgstr "" +"pam_chauthtok: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "Atrybut komputera reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:282 +msgid "" +"testing pam_acct_mgmt\n" +"\n" +msgstr "" +"testowanie pam_acct_mgmt\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "Atrybut użytkownika reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:284 +#, c-format +msgid "" +"pam_acct_mgmt: %s\n" +"\n" +msgstr "" +"pam_acct_mgmt: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "Atrybut opcji reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:286 +msgid "" +"testing pam_setcred\n" +"\n" +msgstr "" +"testowanie pam_setcred\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "Atrybut runas reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:288 +#, c-format +msgid "" +"pam_setcred: [%s]\n" +"\n" +msgstr "" +"pam_setcred: [%s]\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "Atrybut runasuser reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:290 +msgid "" +"testing pam_open_session\n" +"\n" +msgstr "" +"testowanie pam_open_session\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "Atrybut runasgroup reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:292 +#, c-format +msgid "" +"pam_open_session: %s\n" +"\n" +msgstr "" +"pam_open_session: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "Atrybut notbefore reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:294 +msgid "" +"testing pam_close_session\n" +"\n" +msgstr "" +"testowanie pam_close_session\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "Atrybut notafter reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:296 +#, c-format +msgid "" +"pam_close_session: %s\n" +"\n" +msgstr "" +"pam_close_session: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "Atrybut kolejności reguły sudo" +#: src/tools/sssctl/sssctl_user_checks.c:298 +msgid "unknown action\n" +msgstr "nieznane działanie\n" -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "Klasa obiektów dla map automountera" +#: src/tools/sssctl/sssctl_user_checks.c:301 +msgid "PAM Environment:\n" +msgstr "Środowisko PAM:\n" -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "Atrybut nazwy mapy automountera" +#: src/tools/sssctl/sssctl_user_checks.c:309 +msgid " - no env -\n" +msgstr " — brak środowiska —\n" -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "Klasa obiektów dla wpisów map automountera" +#: src/util/util.h:82 +msgid "The user ID to run the server as" +msgstr "Identyfikator użytkownika, jako który uruchomić serwer" -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "Atrybut klucza wpisu mapy automountera" +#: src/util/util.h:84 +msgid "The group ID to run the server as" +msgstr "Identyfikator grupy, jako którą uruchomić serwer" -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "Atrybut wartości wpisu mapy automountera" +#: src/util/util.h:92 +msgid "Informs that the responder has been socket-activated" +msgstr "Informuje, że program odpowiadający został aktywowany gniazdem" -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "Podstawowe DN dla wyszukiwań map automountera" +#: src/util/util.h:94 +msgid "Informs that the responder has been dbus-activated" +msgstr "Informuje, że program odpowiadający został aktywowany magistralą D-Bus" -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Lista dozwolonych użytkowników oddzielonych przecinkami" +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Ustawia liczbę komunikatów dziennika debugowania" -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Lista zabronionych użytkowników oddzielonych przecinkami" +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Dołącza daty w dziennikach debugowania" -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Domyślna powłoka, /bin/bash" +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "Dołączanie mikrosekund w datach w dziennikach debugowania" -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Podstawa katalogów domowych" +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Zapisuje komunikaty debugowania do plików dziennika" -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "Liczba elementów potomnych pośrednika przed rozwidleniem." +#~ msgid "Watchdog timeout before restarting service" +#~ msgstr "Czas oczekiwania watchdoga przed ponownym uruchomieniem usługi" -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "Nazwa używanej biblioteki NSS" +#~ msgid "Command to start service" +#~ msgstr "Polecenie do uruchomienia usługi" -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" -"Określa, czy wyszukiwać kanoniczną nazwę grupy w pamięci podręcznej, jeśli " -"to możliwe" +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "Liczba prób połączenia do dostawców danych" -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "Używany stos PAM" +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "" +#~ "Liczba deskryptorów plików, które mogą być otwarte przez ten program " +#~ "odpowiadający" -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "Ścieżka źródeł pliku „passwd”." +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "Czas bezczynności przed automatycznym rozłączeniem klienta" -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "Ścieżka źródeł pliku „group”." +#~ msgid "Idle time before automatic shutdown of the responder" +#~ msgstr "" +#~ "Czas bezczynności przed automatycznym wyłączeniem programu odpowiadającego" -#: src/monitor/monitor.c:2355 -msgid "Become a daemon (default)" -msgstr "Uruchamia jako usługa (domyślnie)" +#~ msgid "Always query all the caches before querying the Data Providers" +#~ msgstr "" +#~ "Odpytywanie wszystkich pamięci podręcznych za każdym razem przed " +#~ "odpytywaniem dostawców danych" -#: src/monitor/monitor.c:2357 -msgid "Run interactive (not a daemon)" -msgstr "Uruchamia interaktywnie (nie jako usługa)" +#~ msgid "SSSD Services to start" +#~ msgstr "Usługi SSSD do uruchomienia" -#: src/monitor/monitor.c:2360 -msgid "Disable netlink interface" -msgstr "Wyłącza interfejs netlink" +#~ msgid "SSSD Domains to start" +#~ msgstr "Domeny SSSD do uruchomienia" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 -msgid "Specify a non-default config file" -msgstr "Podaje niedomyślny plik konfiguracji" +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Czas oczekiwania na komunikaty wysyłane przez SBUS" -#: src/monitor/monitor.c:2364 -msgid "Refresh the configuration database, then exit" -msgstr "Odświeża bazę danych konfiguracji, a następnie kończy działanie" +#~ msgid "Regex to parse username and domain" +#~ msgstr "Wyrażenie regularne do przetworzenia nazwy użytkownika i domeny" -#: src/monitor/monitor.c:2367 -msgid "Similar to --genconf, but only refreshes the given section" -msgstr "Podobne do --genconf, ale odświeża tylko podaną sekcję" +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "Format zgodny z printf do wyświetlania w pełni kwalifikowanych nazw" -#: src/monitor/monitor.c:2370 -msgid "Print version number and exit" -msgstr "Wyświetla numer wersji i kończy działanie" +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "" +#~ "Katalog w systemie plików, w którym SSSD ma przechowywać pliki pamięci " +#~ "podręcznej odtwarzania Kerberosa." -#: src/monitor/monitor.c:2514 -msgid "SSSD is already running\n" -msgstr "Usługa SSSD jest już uruchomiona\n" +#~ msgid "Domain to add to names without a domain component." +#~ msgstr "Domeny do dodania do nazw bez składnika domeny." -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 -msgid "Debug level" -msgstr "Poziom debugowania" +#~ msgid "The user to drop privileges to" +#~ msgstr "Użytkownik, któremu porzucić uprawnienia" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 -msgid "Add debug timestamps" -msgstr "Dodaje czasy debugowania" +#~ msgid "Tune certificate verification" +#~ msgstr "Dostraja sprawdzanie poprawności certyfikatów" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 -msgid "Show timestamps with microseconds" -msgstr "Wyświetlanie dat z mikrosekundami" +#~ msgid "" +#~ "All spaces in group or user names will be replaced with this character" +#~ msgstr "" +#~ "Wszystkie spacji w nazwach grup i użytkowników zostaną zastąpione tym " +#~ "znakiem" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 -msgid "An open file descriptor for the debug logs" -msgstr "Otwiera deskryptor pliku dla dzienników debugowania" +#~ msgid "Tune sssd to honor or ignore netlink state changes" +#~ msgstr "" +#~ "Dostraja usługę SSSD, aby uwzględniała lub ignorowała zmiany stanu netlink" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 -msgid "Send the debug output to stderr directly." -msgstr "" -"Wysyła wyjście debugowania bezpośrednio do standardowego wyjścia błędów." +#~ msgid "Enable or disable the implicit files domain" +#~ msgstr "Włącza lub wyłącza bezpośrednią domenę plików" -#: src/providers/krb5/krb5_child.c:3245 -msgid "The user to create FAST ccache as" -msgstr "Użytkownik, jako który utworzyć ccache FAST" +#~ msgid "A specific order of the domains to be looked up" +#~ msgstr "Konkretna kolejność domen do wyszukania" -#: src/providers/krb5/krb5_child.c:3247 -msgid "The group to create FAST ccache as" -msgstr "Grupa, jako którą utworzyć ccache FAST" +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "Czas oczekiwania pamięci podręcznej wyliczania (sekundy)" -#: src/providers/krb5/krb5_child.c:3249 -msgid "Kerberos realm to use" -msgstr "Używany obszar Kerberosa" +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "" +#~ "Czas oczekiwania aktualizacji tła pamięci podręcznej wpisów (sekundy)" -#: src/providers/krb5/krb5_child.c:3251 -msgid "Requested lifetime of the ticket" -msgstr "Żądany czas trwania biletu" +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "Ujemny czas oczekiwania pamięci podręcznej (sekundy)" -#: src/providers/krb5/krb5_child.c:3253 -msgid "Requested renewable lifetime of the ticket" -msgstr "Żądany odnawialny czas trwania biletu" +#~ msgid "Files negative cache timeout length (seconds)" +#~ msgstr "Ujemny czas oczekiwania pamięci podręcznej plików (sekundy)" -#: src/providers/krb5/krb5_child.c:3255 -msgid "FAST options ('never', 'try', 'demand')" -msgstr "Opcje FAST („never”, „try”, „demand”)" +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Użytkownicy, którzy mają być bezpośrednio ignorowani przez SSSD" -#: src/providers/krb5/krb5_child.c:3258 -msgid "Specifies the server principal to use for FAST" -msgstr "Podaje naczelnika serwera używanego dla FAST" +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Grupy, które mają być bezpośrednio ignorowane przez SSSD" -#: src/providers/krb5/krb5_child.c:3260 -msgid "Requests canonicalization of the principal name" -msgstr "Żąda ujednolicenie nazwy naczelnika" +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Czy filtrowani użytkownicy mają pojawiać się w grupach" -#: src/providers/krb5/krb5_child.c:3262 -msgid "Use custom version of krb5_get_init_creds_password" -msgstr "Użycie niestandardowej wersji krb5_get_init_creds_password" +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "Wartość pola hasła, jaką dostawca NSS ma zwrócić" -#: src/providers/data_provider_be.c:711 -msgid "Domain of the information provider (mandatory)" -msgstr "Domena dostawcy informacji (wymagane)" +#~ msgid "Override homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Zastępuje wartość katalogu domowego z dostawcy tożsamości tą wartością" -#: src/sss_client/common.c:1079 -msgid "Privileged socket has wrong ownership or permissions." -msgstr "Uprawnione gniazdo ma błędnego właściciela lub uprawnienia." +#~ msgid "" +#~ "Substitute empty homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Zastępuje pustą wartość katalogu domowego z dostawcy tożsamości tą " +#~ "wartością" -#: src/sss_client/common.c:1082 -msgid "Public socket has wrong ownership or permissions." -msgstr "Publiczne gniazdo ma błędnego właściciela lub uprawnienia" +#~ msgid "Override shell value from the identity provider with this value" +#~ msgstr "Zastępuje wartość powłoki od dostawcy tożsamości tą wartością" -#: src/sss_client/common.c:1085 -msgid "Unexpected format of the server credential message." -msgstr "Nieoczekiwany format komunikatu uwierzytelniającego serwera." +#~ msgid "The list of shells users are allowed to log in with" +#~ msgstr "Lista powłok, za pomocą których użytkownicy mogą się logować" -#: src/sss_client/common.c:1088 -msgid "SSSD is not run by root." -msgstr "SSSD nie zostało uruchomione w trybie roota." +#~ msgid "" +#~ "The list of shells that will be vetoed, and replaced with the fallback " +#~ "shell" +#~ msgstr "" +#~ "Lista powłok, które zostaną zawetowane i zastąpione powłoką zastępczą" -#: src/sss_client/common.c:1091 -msgid "SSSD socket does not exist." -msgstr "Gniazdo SSSD nie istnieje." +#~ msgid "" +#~ "If a shell stored in central directory is allowed but not available, use " +#~ "this fallback" +#~ msgstr "" +#~ "Jeśli powłoka przechowywana w katalogu centralnym jest dozwolona, ale nie " +#~ "jest dostępna, to zostanie użyta ta powłoka zastępcza" -#: src/sss_client/common.c:1094 -msgid "Cannot get stat of SSSD socket." -msgstr "Nie można wykonać „stat” na gnieździe SSSD." +#~ msgid "Shell to use if the provider does not list one" +#~ msgstr "Powłoka do użycia, jeśli dostawca nie dostarcza żadnej" -#: src/sss_client/common.c:1099 -msgid "An error occurred, but no description can be found." -msgstr "Wystąpił błąd, ale nie odnaleziono jego opisu." +#~ msgid "How long will be in-memory cache records valid" +#~ msgstr "Jak długo wpisy pamięci podręcznej in-memory są prawidłowe" -#: src/sss_client/common.c:1105 -msgid "Unexpected error while looking for an error description" -msgstr "Nieoczekiwany błąd podczas wyszukiwania opisu błędu" +#~ msgid "List of user attributes the NSS responder is allowed to publish" +#~ msgstr "" +#~ "Lista atrybutów użytkownika, które program odpowiadający NSS może " +#~ "publikować" -#: src/sss_client/pam_sss.c:68 -msgid "Permission denied. " -msgstr "Odmowa uprawnienia." +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "Jak długo umożliwiać logowania w pamięci podręcznej między logowaniami " +#~ "w trybie online (dni)" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 -#: src/sss_client/pam_sss.c:790 -msgid "Server message: " -msgstr "Komunikat serwera: " +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "Ile nieudanych prób zalogowania jest dozwolonych w trybie offline" -#: src/sss_client/pam_sss.c:297 -msgid "Passwords do not match" -msgstr "Hasła się nie zgadzają" +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Ile czasu (minut) nie pozwalać na zalogowanie po osiągnięciu " +#~ "offline_failed_login_attempts" -#: src/sss_client/pam_sss.c:485 -msgid "Password reset by root is not supported." -msgstr "Przywrócenie hasła przez użytkownika root nie jest obsługiwane." +#~ msgid "" +#~ "What kind of messages are displayed to the user during authentication" +#~ msgstr "" +#~ "Jaki rodzaj komunikatów wyświetlać użytkownikowi podczas uwierzytelniania" + +#~ msgid "Filter PAM responses sent to the pam_sss" +#~ msgstr "Filtruje odpowiedzi PAM wysłane do pam_sss" -#: src/sss_client/pam_sss.c:526 -msgid "Authenticated with cached credentials" -msgstr "Uwierzytelniono za pomocą danych z pamięci podręcznej" +#~ msgid "" +#~ "How many seconds to keep identity information cached for PAM requests" +#~ msgstr "" +#~ "Ile sekund zatrzymać informacje o tożsamości w pamięci podręcznej dla " +#~ "żądań PAM" -#: src/sss_client/pam_sss.c:527 -msgid ", your cached password will expire at: " -msgstr ", hasło w pamięci podręcznej wygaśnie za: " +#~ msgid "" +#~ "How many days before password expiration a warning should be displayed" +#~ msgstr "Ile dni przed wygaśnięciem hasła wyświetlić ostrzeżenie" -#: src/sss_client/pam_sss.c:557 -#, c-format -msgid "Your password has expired. You have %1$d grace login(s) remaining." -msgstr "Hasło wygasło. Pozostało %1$d możliwych logowań." +#~ msgid "List of trusted uids or user's name" +#~ msgstr "Lista zaufanych UID lub nazw użytkowników" -#: src/sss_client/pam_sss.c:603 -#, c-format -msgid "Your password will expire in %1$d %2$s." -msgstr "Hasło wygaśnie za %1$d %2$s." +#~ msgid "List of domains accessible even for untrusted users." +#~ msgstr "Lista domen dostępnych także dla niezaufanych użytkowników." -#: src/sss_client/pam_sss.c:652 -msgid "Authentication is denied until: " -msgstr "Uwierzytelnianie jest zabronione do: " +#~ msgid "Message printed when user account is expired." +#~ msgstr "Komunikat wyświetlany po wygaśnięciu konta użytkownika." -#: src/sss_client/pam_sss.c:673 -msgid "System is offline, password change not possible" -msgstr "System jest w trybie offline, zmiana hasła nie jest możliwa" +#~ msgid "Message printed when user account is locked." +#~ msgstr "Komunikat wyświetlany po zablokowaniu konta użytkownika." -#: src/sss_client/pam_sss.c:688 -msgid "" -"After changing the OTP password, you need to log out and back in order to " -"acquire a ticket" -msgstr "" -"Po zmianie hasła OTP należy się wylogować i zalogować ponownie, aby uzyskać " -"bilet" +#~ msgid "Allow certificate based/Smartcard authentication." +#~ msgstr "Zezwala na uwierzytelnianie za pomocą certyfikatów/smartcard." -#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 -msgid "Password change failed. " -msgstr "Zmiana hasła się nie powiodła. " +#~ msgid "Path to certificate database with PKCS#11 modules." +#~ msgstr "Ścieżka do bazy danych certyfikatów z modułami PKCS#11." -#: src/sss_client/pam_sss.c:2008 -msgid "New Password: " -msgstr "Nowe hasło: " +#~ msgid "How many seconds will pam_sss wait for p11_child to finish" +#~ msgstr "Ile sekund pam_sss ma oczekiwać na ukończenie p11_child" -#: src/sss_client/pam_sss.c:2009 -msgid "Reenter new Password: " -msgstr "Proszę ponownie podać nowe hasło: " +#~ msgid "Which PAM services are permitted to contact application domains" +#~ msgstr "Które usługi PAM mają zezwolenie na kontakt z domenami aplikacji" -#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 -msgid "First Factor: " -msgstr "Pierwszy czynnik: " +#~ msgid "Allowed services for using smartcards" +#~ msgstr "Usługi mogące używać kart smardcard" -#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 -msgid "Second Factor (optional): " -msgstr "Drugi czynnik (opcjonalnie): " +#~ msgid "Additional timeout to wait for a card if requested" +#~ msgstr "Dodatkowy czas oczekiwania na kartę, jeśli zażądano" + +#~ msgid "" +#~ "PKCS#11 URI to restrict the selection of devices for Smartcard " +#~ "authentication" +#~ msgstr "" +#~ "Adres URI PKCS#11 do ograniczenia wyboru urządzeń dla uwierzytelniania za " +#~ "pomocą kart smartcard" + +#~ msgid "Whether to evaluate the time-based attributes in sudo rules" +#~ msgstr "Określa, czy szacować atrybuty oparte na czasie w regułach sudo" + +#~ msgid "If true, SSSD will switch back to lower-wins ordering logic" +#~ msgstr "" +#~ "Jeśli jest włączone, usługa SSSD przełączy z powrotem do logiki " +#~ "kolejności „niższe wygrywa”" + +#~ msgid "" +#~ "Maximum number of rules that can be refreshed at once. If this is " +#~ "exceeded, full refresh is performed." +#~ msgstr "" +#~ "Maksymalna liczba reguł, jaką można odświeżyć jednocześnie. Jeśli " +#~ "zostanie przekroczona, wykonywane jest pełne odświeżenie." + +#~ msgid "Whether to hash host names and addresses in the known_hosts file" +#~ msgstr "Określa, czy mieszać nazwy komputerów i adresy w pliku known_hosts" + +#~ msgid "" +#~ "How many seconds to keep a host in the known_hosts file after its host " +#~ "keys were requested" +#~ msgstr "" +#~ "Ile sekund przechowywać komputer w pliku known_hosts po zażądaniu jego " +#~ "kluczy" + +#~ msgid "Path to storage of trusted CA certificates" +#~ msgstr "Ścieżka do miejsca przechowywania zaufanych certyfikatów CA" + +#~ msgid "Allow to generate ssh-keys from certificates" +#~ msgstr "Zezwala na tworzenie kluczy SSH z certyfikatów" + +#~ msgid "" +#~ "Use the following matching rules to filter the certificates for ssh-key " +#~ "generation" +#~ msgstr "" +#~ "Używa poniższych reguł dopasowania do filtrowania certyfikatów do " +#~ "tworzenia kluczy SSH" + +#~ msgid "List of UIDs or user names allowed to access the PAC responder" +#~ msgstr "" +#~ "Lista UID lub nazw użytkowników mających dostęp do programu " +#~ "odpowiadającego PAC" -#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 -msgid "Second Factor: " -msgstr "Drugi czynnik: " +#~ msgid "How long the PAC data is considered valid" +#~ msgstr "Jak długo dane PAC są uważane za prawidłowe" -#: src/sss_client/pam_sss.c:2190 -msgid "Password: " -msgstr "Hasło: " +#~ msgid "List of UIDs or user names allowed to access the InfoPipe responder" +#~ msgstr "" +#~ "Lista UID lub nazw użytkowników mających dostęp do programu " +#~ "odpowiadającego InfoPipe" -#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 -msgid "First Factor (Current Password): " -msgstr "Pierwszy czynnik (obecne hasło): " +#~ msgid "List of user attributes the InfoPipe is allowed to publish" +#~ msgstr "Lista atrybutów użytkownika, które InfoPipe może publikować" -#: src/sss_client/pam_sss.c:2349 -msgid "Current Password: " -msgstr "Bieżące hasło: " +#~ msgid "The provider where the secrets will be stored in" +#~ msgstr "Dostawca przechowujący hasła" -#: src/sss_client/pam_sss.c:2704 -msgid "Password expired. Change your password now." -msgstr "Hasło wygasło. Proszę je zmienić teraz." +#~ msgid "The maximum allowed number of nested containers" +#~ msgstr "Maksymalnie dozwolona liczba zagnieżdżonych kontenerów" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 -#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 -#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 -#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:719 -msgid "The debug level to run with" -msgstr "Poziom debugowania, z jakim uruchomić" +#~ msgid "The maximum number of secrets that can be stored" +#~ msgstr "Maksymalna liczba przechowywanych haseł" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 -msgid "The SSSD domain to use" -msgstr "Używana domena SSSD" +#~ msgid "The maximum number of secrets that can be stored per UID" +#~ msgstr "Maksymalna liczba haseł przechowywanych na UID" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 -#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 -#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 -#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:765 -msgid "Error setting the locale\n" -msgstr "Błąd podczas ustawiania lokalizacji\n" +#~ msgid "The maximum payload size of a secret in kilobytes" +#~ msgstr "Maksymalny rozmiar ładunku hasła w kilobajtach" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 -msgid "Not enough memory\n" -msgstr "Brak pamięci\n" +#~ msgid "The URL Custodia server is listening on" +#~ msgstr "Adres URL Custodia, który serwer nasłuchuje" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 -msgid "User not specified\n" -msgstr "Nie podano użytkownika\n" +#~ msgid "The method to use when authenticating to a Custodia server" +#~ msgstr "Metoda używana podczas uwierzytelniania z serwerem Custodia" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 -msgid "Error looking up public keys\n" -msgstr "Błąd podczas wyszukiwania kluczy publicznych\n" +#~ msgid "" +#~ "The name of the headers that will be added into a HTTP request with the " +#~ "value defined in auth_header_value" +#~ msgstr "" +#~ "Nazwa nagłówków dodawanych do żądania HTTP z wartością określoną " +#~ "w auth_header_value" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 -msgid "The port to use to connect to the host" -msgstr "Port do użycia do połączenia z komputerem" +#~ msgid "The value sssd-secrets would use for auth_header_name" +#~ msgstr "Wartość, którą sssd-secrets używałoby dla auth_header_name" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 -msgid "Print the host ssh public keys" -msgstr "Wyświetla publiczne klucze SSH komputera" +#~ msgid "" +#~ "The list of the headers to forward to the Custodia server together with " +#~ "the request" +#~ msgstr "Lista nagłówków do przekazania do serwera Custodia razem z żądaniem" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 -msgid "Invalid port\n" -msgstr "Nieprawidłowy port\n" +#~ msgid "" +#~ "The username to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "" +#~ "Nazwa użytkownika używana podczas uwierzytelniania z serwerem Custodia za " +#~ "pomocą basic_auth" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 -msgid "Host not specified\n" -msgstr "Nie podano komputera\n" +#~ msgid "" +#~ "The password to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "" +#~ "Hasło używane podczas uwierzytelniania z serwerem Custodia za pomocą " +#~ "basic_auth" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 -msgid "The path to the proxy command must be absolute\n" -msgstr "Ścieżka do polecenia pośrednika musi być bezwzględna\n" +#~ msgid "" +#~ "If true peer's certificate is verified if proxy_url uses https protocol" +#~ msgstr "" +#~ "Czy certyfikat prawdziwego partnera jest weryfikowany, jeśli proxy_url " +#~ "używa protokołu HTTPS" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 -#, c-format -msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" -msgstr "sss_ssh_knownhostsproxy: nie można rozwiązać nazwy komputera %s\n" +#~ msgid "" +#~ "If false peer's certificate may contain different hostname than proxy_url " +#~ "when https protocol is used" +#~ msgstr "" +#~ "Czy certyfikat fałszywego partnera może zawierać inną nazwę komputera niż " +#~ "proxy_url, kiedy używany jest protokół HTTPS" -#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 -msgid "The UID of the user" -msgstr "UID użytkownika" +#~ msgid "" +#~ "Path to directory where certificate authority certificates are stored" +#~ msgstr "Ścieżka do katalogu z certyfikatami CA" -#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 -msgid "The comment string" -msgstr "Ciąg komentarza" +#~ msgid "Path to file containing server's CA certificate" +#~ msgstr "Ścieżka do pliku zawierającego certyfikat CA serwera" -#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 -msgid "Home directory" -msgstr "Katalog domowy" +#~ msgid "Path to file containing client's certificate" +#~ msgstr "Ścieżka do pliku zawierającego certyfikat klienta" -#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 -msgid "Login shell" -msgstr "Powłoka logowania" +#~ msgid "Path to file containing client's private key" +#~ msgstr "Ścieżka do pliku zawierającego klucz prywatny klienta" -#: src/tools/sss_useradd.c:53 -msgid "Groups" -msgstr "Grupy" +#~ msgid "Identity provider" +#~ msgstr "Dostawca tożsamości" -#: src/tools/sss_useradd.c:54 -msgid "Create user's directory if it does not exist" -msgstr "Utworzy katalog użytkownika, jeśli nie istnieje" +#~ msgid "Authentication provider" +#~ msgstr "Dostawca uwierzytelniania" -#: src/tools/sss_useradd.c:55 -msgid "Never create user's directory, overrides config" -msgstr "Nigdy nie tworzy katalogu użytkownika, zastępuje konfigurację" +#~ msgid "Access control provider" +#~ msgstr "Dostawca kontroli dostępu" -#: src/tools/sss_useradd.c:56 -msgid "Specify an alternative skeleton directory" -msgstr "Proszę podać alternatywny katalog szkieletu" +#~ msgid "Password change provider" +#~ msgstr "Dostawca zmiany hasła" -#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 -msgid "The SELinux user for user's login" -msgstr "Użytkownik SELinuksa dla loginu użytkownika" +#~ msgid "SUDO provider" +#~ msgstr "Dostawca SUDO" -#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 -#: src/tools/sss_usermod.c:92 -msgid "Specify group to add to\n" -msgstr "Proszę podać grupę, do której dodać\n" +#~ msgid "Autofs provider" +#~ msgstr "Dostawca Autofs" -#: src/tools/sss_useradd.c:111 -msgid "Specify user to add\n" -msgstr "Proszę podać użytkownika do dodania\n" +#~ msgid "Host identity provider" +#~ msgstr "Dostawca tożsamości komputera" -#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 -#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 -#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 -#: src/tools/sss_usermod.c:162 -msgid "Error initializing the tools - no local domain\n" -msgstr "Błąd podczas inicjowania narzędzi — brak lokalnej domeny\n" +#~ msgid "SELinux provider" +#~ msgstr "Dostawca SELinuksa" -#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 -#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 -#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 -#: src/tools/sss_usermod.c:164 -msgid "Error initializing the tools\n" -msgstr "Błąd podczas inicjowania narzędzi\n" +#~ msgid "Session management provider" +#~ msgstr "Dostawca zarządzania sesją" -#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 -#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 -#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 -#: src/tools/sss_usermod.c:173 -msgid "Invalid domain specified in FQDN\n" -msgstr "Podano nieprawidłową domenę w FQDN\n" +#~ msgid "Whether the domain is usable by the OS or by applications" +#~ msgstr "Czy domena jest używalna przez system operacyjny lub aplikacje" -#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 -#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 -#: src/tools/sss_usermod.c:226 -msgid "Internal error while parsing parameters\n" -msgstr "Wewnętrzny błąd podczas przetwarzania parametrów\n" +#~ msgid "Minimum user ID" +#~ msgstr "Minimalny identyfikator użytkownika" -#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 -#: src/tools/sss_usermod.c:235 -msgid "Groups must be in the same domain as user\n" -msgstr "Grupy muszą być w tej samej domenie co użytkownik\n" +#~ msgid "Maximum user ID" +#~ msgstr "Maksymalny identyfikator użytkownika" -#: src/tools/sss_useradd.c:159 -#, c-format -msgid "Cannot find group %1$s in local domain\n" -msgstr "Nie można odnaleźć grupy %1$s w lokalnej domenie\n" +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Włącza wyliczanie wszystkich użytkowników/grup" -#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 -msgid "Cannot set default values\n" -msgstr "Nie można ustawić domyślnych wartości\n" +#~ msgid "Cache credentials for offline login" +#~ msgstr "" +#~ "Dane uwierzytelniające pamięci podręcznej dla logowań w trybie offline" -#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 -msgid "The selected UID is outside the allowed range\n" -msgstr "Wybrany UID jest spoza dozwolonego zakresu\n" +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Wyświetla użytkowników/grupy w pełni kwalifikowanej formie" -#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 -msgid "Cannot set SELinux login context\n" -msgstr "Nie można ustawić kontekstu loginu SELinuksa\n" +#~ msgid "Don't include group members in group lookups" +#~ msgstr "Bez dołączania członków grup w wyszukiwaniach grup" -#: src/tools/sss_useradd.c:224 -msgid "Cannot get info about the user\n" -msgstr "Nie można uzyskać informacji o użytkowniku\n" +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Czas oczekiwania pamięci podręcznej wpisów (sekundy)" -#: src/tools/sss_useradd.c:236 -msgid "User's home directory already exists, not copying data from skeldir\n" -msgstr "" -"Katalog domowy użytkownika już istnieje, dane z katalogu szkieletu nie " -"zostaną skopiowane\n" +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Ogranicza lub preferuje podaną rodzinę adresów podczas wykonywania " +#~ "wyszukiwań DNS" -#: src/tools/sss_useradd.c:239 -#, c-format -msgid "Cannot create user's home directory: %1$s\n" -msgstr "Nie można utworzyć katalogu domowego użytkownika: %1$s\n" +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Jak długo utrzymywać wpisy logowania w pamięci podręcznej po ostatnim " +#~ "udanym zalogowaniu (dni)" -#: src/tools/sss_useradd.c:250 -#, c-format -msgid "Cannot create user's mail spool: %1$s\n" -msgstr "Nie można utworzyć buforu poczty użytkownika: %1$s\n" +#~ msgid "" +#~ "How long should SSSD talk to single DNS server before trying next server " +#~ "(miliseconds)" +#~ msgstr "" +#~ "Jak długo SSSD ma komunikować się z jednym serwerem DNS przed " +#~ "spróbowaniem następnego serwera (milisekundy)" -#: src/tools/sss_useradd.c:270 -msgid "Could not allocate ID for the user - domain full?\n" -msgstr "" -"Nie można przydzielić identyfikatora użytkownikowi — czy domena jest pełna?\n" +#~ msgid "How long should keep trying to resolve single DNS query (seconds)" +#~ msgstr "Jak długo próbować rozwiązać jedno zapytanie DNS (sekundy)" -#: src/tools/sss_useradd.c:274 -msgid "A user or group with the same name or ID already exists\n" -msgstr "" -"Użytkownik lub grupa o tej samej nazwie lub identyfikatorze już istnieje\n" +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "" +#~ "Jak długo czekać na odpowiedzi od serwera DNS podczas rozwiązywania " +#~ "serwerów (sekundy)" -#: src/tools/sss_useradd.c:280 -msgid "Transaction error. Could not add user.\n" -msgstr "Błąd transakcji. Nie można dodać użytkownika.\n" +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "Część domeny zapytania DNS wykrywania usługi" -#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 -msgid "The GID of the group" -msgstr "GID grupy" +#~ msgid "Override GID value from the identity provider with this value" +#~ msgstr "Zastępuje wartość GID z dostawcy tożsamości tą wartością" -#: src/tools/sss_groupadd.c:76 -msgid "Specify group to add\n" -msgstr "Proszę podać grupę do dodania\n" +#~ msgid "Treat usernames as case sensitive" +#~ msgstr "Rozróżnianie wielkości liter w nazwach użytkowników" -#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 -msgid "The selected GID is outside the allowed range\n" -msgstr "Wybrany GID jest spoza dozwolonego zakresu\n" +#~ msgid "How often should expired entries be refreshed in background" +#~ msgstr "Jak często odświeżać w tle wygasłe wpisy" -#: src/tools/sss_groupadd.c:143 -msgid "Could not allocate ID for the group - domain full?\n" -msgstr "Nie można przydzielić identyfikatora grupie — czy domena jest pełna?\n" +#~ msgid "Whether to automatically update the client's DNS entry" +#~ msgstr "Czy automatycznie aktualizować wpis DNS klienta" -#: src/tools/sss_groupadd.c:147 -msgid "A group with the same name or GID already exists\n" -msgstr "Grupa o tej samej nazwie lub GID już istnieje\n" +#~ msgid "The TTL to apply to the client's DNS entry after updating it" +#~ msgstr "TTL do zastosowania do wpisu DNS klienta po jego zaktualizowaniu" -#: src/tools/sss_groupadd.c:153 -msgid "Transaction error. Could not add group.\n" -msgstr "Błąd transakcji. Nie można dodać grupy.\n" +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "" +#~ "Interfejs, którego adres IP ma być używany do dynamicznych aktualizacji " +#~ "DNS" -#: src/tools/sss_groupdel.c:70 -msgid "Specify group to delete\n" -msgstr "Proszę podać grupę do usunięcia\n" +#~ msgid "How often to periodically update the client's DNS entry" +#~ msgstr "Jak często okresowo aktualizować wpis DNS klienta" -#: src/tools/sss_groupdel.c:104 -#, c-format -msgid "Group %1$s is outside the defined ID range for domain\n" -msgstr "Grupa %1$s jest poza określonym zakresem identyfikatorów dla domeny\n" +#~ msgid "Whether the provider should explicitly update the PTR record as well" +#~ msgstr "Określa, czy dostawca ma aktualizować także wpis PTR" -#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 -#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 -#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 -#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 -#, c-format -msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" -msgstr "" -"Żądanie NSS się nie powiodło (%1$d). Wpis może zostać w pamięci podręcznej.\n" +#~ msgid "Whether the nsupdate utility should default to using TCP" +#~ msgstr "Określa, czy narzędzie nsupdate ma domyślnie używać portu TCP" -#: src/tools/sss_groupdel.c:132 -msgid "" -"No such group in local domain. Removing groups only allowed in local " -"domain.\n" -msgstr "" -"Nie ma takiej grupy w lokalnej domenie. Usuwanie grup jest dozwolone tylko " -"w lokalnej domenie.\n" +#~ msgid "What kind of authentication should be used to perform the DNS update" +#~ msgstr "" +#~ "Jakiego rodzaju uwierzytelnianie ma być używane do wykonywania " +#~ "aktualizacji DNS" -#: src/tools/sss_groupdel.c:137 -msgid "Internal error. Could not remove group.\n" -msgstr "Wewnętrzny błąd. Nie można usunąć grupy.\n" +#~ msgid "Override the DNS server used to perform the DNS update" +#~ msgstr "Zastępuje serwer DNS używany do wykonywania aktualizacji DNS" -#: src/tools/sss_groupmod.c:44 -msgid "Groups to add this group to" -msgstr "Grupy, do których dodać tę grupę" +#~ msgid "Control enumeration of trusted domains" +#~ msgstr "Kontrola wyliczania zaufanych domen" -#: src/tools/sss_groupmod.c:46 -msgid "Groups to remove this group from" -msgstr "Grupy, z których usunąć tę grupę" +#~ msgid "How often should subdomains list be refreshed" +#~ msgstr "Jak często odświeżać listę poddomen" -#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 -msgid "Specify group to remove from\n" -msgstr "Proszę podać grupę, z której usunąć\n" +#~ msgid "List of options that should be inherited into a subdomain" +#~ msgstr "Lista opcji dziedziczonych przez poddomenę" -#: src/tools/sss_groupmod.c:101 -msgid "Specify group to modify\n" -msgstr "Proszę podać grupę do zmodyfikowania\n" +#~ msgid "Default subdomain homedir value" +#~ msgstr "Domyślna wartość katalogu domowego poddomeny" -#: src/tools/sss_groupmod.c:130 -msgid "" -"Cannot find group in local domain, modifying groups is allowed only in local " -"domain\n" -msgstr "" -"Nie można odnaleźć grupy w lokalnej domenie, modyfikowanie grup jest " -"dozwolone tylko w lokalnej domenie\n" +#~ msgid "How long can cached credentials be used for cached authentication" +#~ msgstr "" +#~ "Jak długo dane uwierzytelniania w pamięci podręcznej mogą być używane do " +#~ "uwierzytelniania w pamięci podręcznej" -#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 -msgid "Member groups must be in the same domain as parent group\n" -msgstr "Członkowie grupy muszą być w tej samej domenie co grupa nadrzędna\n" +#~ msgid "Whether to automatically create private groups for users" +#~ msgstr "Czy automatycznie tworzyć prywatne grupy dla użytkowników" -#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 -#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 -#, c-format -msgid "" -"Cannot find group %1$s in local domain, only groups in local domain are " -"allowed\n" -msgstr "" -"Nie można odnaleźć grupy %1$s w lokalnej domenie, tylko grupy w lokalnej " -"domenie są dozwolone\n" +#~ msgid "IPA domain" +#~ msgstr "Domena IPA" -#: src/tools/sss_groupmod.c:257 -msgid "Could not modify group - check if member group names are correct\n" -msgstr "" -"Nie można zmodyfikować grupy — proszę sprawdzić, czy nazwy członków grupy są " -"poprawne\n" +#~ msgid "IPA server address" +#~ msgstr "Adres serwera IPA" -#: src/tools/sss_groupmod.c:261 -msgid "Could not modify group - check if groupname is correct\n" -msgstr "" -"Nie można zmodyfikować grupy — proszę sprawdzić, czy nazwa grupy jest " -"poprawna\n" +#~ msgid "Address of backup IPA server" +#~ msgstr "Adres zapasowego serwera IPA" -#: src/tools/sss_groupmod.c:265 -msgid "Transaction error. Could not modify group.\n" -msgstr "Błąd transakcji. Nie można zmodyfikować grupy.\n" +#~ msgid "IPA client hostname" +#~ msgstr "Nazwa komputera klienta IPA" -#: src/tools/sss_groupshow.c:616 -msgid "Magic Private " -msgstr "Prywatne magic " +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "" +#~ "Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA" -#: src/tools/sss_groupshow.c:615 -#, c-format -msgid "%1$s%2$sGroup: %3$s\n" -msgstr "%1$s%2$sGrupa: %3$s\n" +#~ msgid "Search base for HBAC related objects" +#~ msgstr "Podstawa wyszukiwania pod kątem obiektów związanych z HBAC" -#: src/tools/sss_groupshow.c:618 -#, c-format -msgid "%1$sGID number: %2$d\n" -msgstr "%1$sNumer GID: %2$d\n" +#~ msgid "" +#~ "The amount of time between lookups of the HBAC rules against the IPA " +#~ "server" +#~ msgstr "Czas między wyszukiwaniami reguł HBAC w serwerze IPA" -#: src/tools/sss_groupshow.c:620 -#, c-format -msgid "%1$sMember users: " -msgstr "%1$sUżytkownicy będący członkami: " +#~ msgid "" +#~ "The amount of time in seconds between lookups of the SELinux maps against " +#~ "the IPA server" +#~ msgstr "Czas w sekundach między wyszukiwaniami map SELinuksa w serwerze IPA" -#: src/tools/sss_groupshow.c:627 -#, c-format -msgid "" -"\n" -"%1$sIs a member of: " -msgstr "" -"\n" -"%1$sJest członkiem: " +#~ msgid "If set to false, host argument given by PAM will be ignored" +#~ msgstr "" +#~ "Jeśli ustawiono na fałsz, to parametr komputera podany przez PAM zostanie " +#~ "zignorowany" -#: src/tools/sss_groupshow.c:634 -#, c-format -msgid "" -"\n" -"%1$sMember groups: " -msgstr "" -"\n" -"%1$sGrupy będące członkami: " +#~ msgid "The automounter location this IPA client is using" +#~ msgstr "Położenie automountera, którego używa ten klient IPA" -#: src/tools/sss_groupshow.c:670 -msgid "Print indirect group members recursively" -msgstr "Rekursywnie drukuje niebezpośrednich członków grupy" +#~ msgid "Search base for object containing info about IPA domain" +#~ msgstr "" +#~ "Podstawa wyszukiwania dla obiektów zawierających informacje o domenie IPA" -#: src/tools/sss_groupshow.c:704 -msgid "Specify group to show\n" -msgstr "Proszę podać grupę do wyświetlenia\n" +#~ msgid "Search base for objects containing info about ID ranges" +#~ msgstr "" +#~ "Podstawa wyszukiwania dla obiektów zawierających informacje o zakresach " +#~ "identyfikatorów" -#: src/tools/sss_groupshow.c:744 -msgid "" -"No such group in local domain. Printing groups only allowed in local " -"domain.\n" -msgstr "" -"Nie ma takiej grupy w lokalnej domenie. Drukowanie grup jest dozwolone tylko " -"w lokalnej domenie.\n" +#~ msgid "Enable DNS sites - location based service discovery" +#~ msgstr "Włącza witryny DNS — wykrywanie usług na podstawie położenia" -#: src/tools/sss_groupshow.c:749 -msgid "Internal error. Could not print group.\n" -msgstr "Wewnętrzny błąd. Nie można wydrukować grupy.\n" +#~ msgid "Search base for view containers" +#~ msgstr "Podstawa wyszukiwania dla widoku kontenerów" -#: src/tools/sss_userdel.c:138 -msgid "Remove home directory and mail spool" -msgstr "Usuwa katalog domowy i bufor poczty" +#~ msgid "Objectclass for view containers" +#~ msgstr "Klasa obiektu dla widoku kontenerów" -#: src/tools/sss_userdel.c:140 -msgid "Do not remove home directory and mail spool" -msgstr "Nie usuwa katalogu domowego i bufora poczty" +#~ msgid "Attribute with the name of the view" +#~ msgstr "Atrybut z nazwą widoku" -#: src/tools/sss_userdel.c:142 -msgid "Force removal of files not owned by the user" -msgstr "Wymusza usunięcie plików, których właścicielem nie jest użytkownik" +#~ msgid "Objectclass for override objects" +#~ msgstr "Klasa obiektu dla obiektów zastępowania" -#: src/tools/sss_userdel.c:144 -msgid "Kill users' processes before removing him" -msgstr "Usuwa procesy użytkownika przed jego usunięciem" +#~ msgid "Attribute with the reference to the original object" +#~ msgstr "Atrybut z odniesieniem do pierwotnego obiektu" -#: src/tools/sss_userdel.c:190 -msgid "Specify user to delete\n" -msgstr "Proszę podać użytkownika do usunięcia\n" +#~ msgid "Objectclass for user override objects" +#~ msgstr "Klasa obiektu dla obiektów zastępowania użytkownika" -#: src/tools/sss_userdel.c:236 -#, c-format -msgid "User %1$s is outside the defined ID range for domain\n" -msgstr "" -"Użytkownik %1$s jest poza określonym zakresem identyfikatorów dla domeny\n" +#~ msgid "Objectclass for group override objects" +#~ msgstr "Klasa obiektów dla obiektów zastępowania grup" -#: src/tools/sss_userdel.c:261 -msgid "Cannot reset SELinux login context\n" -msgstr "Nie można przywrócić kontekstu loginu SELinuksa\n" +#~ msgid "Search base for Desktop Profile related objects" +#~ msgstr "" +#~ "Podstawa wyszukiwania pod kątem obiektów związanych z profilem pulpitu" -#: src/tools/sss_userdel.c:273 -#, c-format -msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" -msgstr "" -"OSTRZEŻENIE: użytkownik (UID %1$lu) był zalogowany podczas jego usunięcia.\n" +#~ msgid "" +#~ "The amount of time in seconds between lookups of the Desktop Profile " +#~ "rules against the IPA server" +#~ msgstr "" +#~ "Czas w sekundach między wyszukiwaniami reguł profilu pulpitu w serwerze " +#~ "IPA" -#: src/tools/sss_userdel.c:278 -msgid "Cannot determine if the user was logged in on this platform" -msgstr "Nie można określić, czy użytkownik był zalogowany na tej platformie" +#~ msgid "" +#~ "The amount of time in minutes between lookups of Desktop Profiles rules " +#~ "against the IPA server when the last request did not find any rule" +#~ msgstr "" +#~ "Czas w minutach między wyszukiwaniami reguł profilów pulpitu w serwerze " +#~ "IPA, kiedy ostatnie żądanie nie odnalazło żadnej reguły" -#: src/tools/sss_userdel.c:283 -msgid "Error while checking if the user was logged in\n" -msgstr "Błąd podczas sprawdzania, czy użytkownik był zalogowany\n" +#~ msgid "Active Directory domain" +#~ msgstr "Domena Active Directory" -#: src/tools/sss_userdel.c:290 -#, c-format -msgid "The post-delete command failed: %1$s\n" -msgstr "Polecenie po usunięciu nie powiodło się: %1$s\n" +#~ msgid "Enabled Active Directory domains" +#~ msgstr "Włączone domeny Active Directory" -#: src/tools/sss_userdel.c:310 -msgid "Not removing home dir - not owned by user\n" -msgstr "" -"Katalog domowy nie zostanie usunięty — użytkownik nie jest właścicielem\n" +#~ msgid "Active Directory server address" +#~ msgstr "Adres serwera Active Directory" -#: src/tools/sss_userdel.c:312 -#, c-format -msgid "Cannot remove homedir: %1$s\n" -msgstr "Nie można usunąć katalogu domowego: %1$s\n" +#~ msgid "Active Directory backup server address" +#~ msgstr "Adres zapasowego serwera Active Directory" -#: src/tools/sss_userdel.c:326 -msgid "" -"No such user in local domain. Removing users only allowed in local domain.\n" -msgstr "" -"Nie ma takiego użytkownika w lokalnej domenie. Usuwanie użytkowników jest " -"dozwolone tylko w lokalnej domenie.\n" +#~ msgid "Active Directory client hostname" +#~ msgstr "Nazwa komputera klienta Active Directory" -#: src/tools/sss_userdel.c:331 -msgid "Internal error. Could not remove user.\n" -msgstr "Wewnętrzny błąd. Nie można usunąć użytkownika.\n" +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "Filtr LDAP do określenia uprawnień dostępu" -#: src/tools/sss_usermod.c:49 -msgid "The GID of the user" -msgstr "GID użytkownika" +#~ msgid "Whether to use the Global Catalog for lookups" +#~ msgstr "Czy używać Global Catalog do wyszukiwań" -#: src/tools/sss_usermod.c:53 -msgid "Groups to add this user to" -msgstr "Grupy, do których dodać tego użytkownika" +#~ msgid "Operation mode for GPO-based access control" +#~ msgstr "Tryb działania dla kontroli dostępu opartej na GPO" -#: src/tools/sss_usermod.c:54 -msgid "Groups to remove this user from" -msgstr "Grupy, z których usunąć tego użytkownika" +#~ msgid "" +#~ "The amount of time between lookups of the GPO policy files against the AD " +#~ "server" +#~ msgstr "Czas między wyszukiwaniami plików polityki GPO w serwerze AD" -#: src/tools/sss_usermod.c:55 -msgid "Lock the account" -msgstr "Zablokowanie konta" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Nazwy usług PAM mapujących do ustawień polityki GPO " +#~ "(Deny)InteractiveLogonRight" -#: src/tools/sss_usermod.c:56 -msgid "Unlock the account" -msgstr "Odblokowanie konta" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " +#~ "policy settings" +#~ msgstr "" +#~ "Nazwy usług PAM mapujących do ustawień polityki GPO " +#~ "(Deny)RemoteInteractiveLogonRight" -#: src/tools/sss_usermod.c:57 -msgid "Add an attribute/value pair. The format is attrname=value." -msgstr "Dodaje parę atrybut/wartość. Format to nazwaatrybutu=wartość." +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)NetworkLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Nazwy usług PAM mapujących do ustawień polityki GPO " +#~ "(Deny)NetworkLogonRight" -#: src/tools/sss_usermod.c:58 -msgid "Delete an attribute/value pair. The format is attrname=value." -msgstr "Usuwa parę atrybut/wartość. Format to nazwaatrybutu=wartość." +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)BatchLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)BatchLogonRight" -#: src/tools/sss_usermod.c:59 -msgid "" -"Set an attribute to a name/value pair. The format is attrname=value. For " -"multi-valued attributes, the command replaces the values already present" -msgstr "" -"Ustawia atrybut pary nazwa/wartość. Format to nazwaatrybutu=wartość. " -"W przypadku atrybutów o wielu wartościach polecenie zastępuje obecne już " -"wartości" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)ServiceLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Nazwy usług PAM mapujących do ustawień polityki GPO " +#~ "(Deny)ServiceLogonRight" -#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 -#: src/tools/sss_usermod.c:135 -msgid "Specify the attribute name/value pair(s)\n" -msgstr "Podaje atrybuty parom nazwa/atrybut\n" +#~ msgid "PAM service names for which GPO-based access is always granted" +#~ msgstr "" +#~ "Nazwy usług PAM, dla których zawsze udzielany jest dostęp oparty na GPO" -#: src/tools/sss_usermod.c:152 -msgid "Specify user to modify\n" -msgstr "Proszę podać użytkownika do zmodyfikowania\n" +#~ msgid "PAM service names for which GPO-based access is always denied" +#~ msgstr "" +#~ "Nazwy usług PAM, dla których zawsze odmawiany jest dostęp oparty na GPO" -#: src/tools/sss_usermod.c:180 -msgid "" -"Cannot find user in local domain, modifying users is allowed only in local " -"domain\n" -msgstr "" -"Nie można odnaleźć użytkownika w lokalnej domenie, modyfikowanie " -"użytkowników jest dozwolone tylko w lokalnej domenie\n" +#~ msgid "" +#~ "Default logon right (or permit/deny) to use for unmapped PAM service names" +#~ msgstr "" +#~ "Domyślne uprawnienie logowania (lub zezwolenie/odmowa) do użycia dla " +#~ "niemapowanych nazw usług PAM" -#: src/tools/sss_usermod.c:322 -msgid "Could not modify user - check if group names are correct\n" -msgstr "" -"Nie można zmodyfikować użytkownika — proszę sprawdzić, czy nazwy grup są " -"poprawne\n" +#~ msgid "a particular site to be used by the client" +#~ msgstr "konkretna strona używana przez klienta" -#: src/tools/sss_usermod.c:326 -msgid "Could not modify user - user already member of groups?\n" -msgstr "" -"Nie można zmodyfikować użytkownika — czy użytkownik jest już członkiem " -"grup?\n" +#~ msgid "" +#~ "Maximum age in days before the machine account password should be renewed" +#~ msgstr "" +#~ "Maksymalny wiek w dniach przed wymaganiem odnowienia hasła konta komputera" -#: src/tools/sss_usermod.c:330 -msgid "Transaction error. Could not modify user.\n" -msgstr "Błąd transakcji. Nie można zmodyfikować użytkownika.\n" +#~ msgid "Option for tuning the machine account renewal task" +#~ msgstr "Opcja dostrajania zadania odnawiania konta komputera" -#: src/tools/sss_cache.c:245 -msgid "No cache object matched the specified search\n" -msgstr "Żaden obiekt pamięci podręcznej nie pasuje do podanego wyszukiwania\n" +#~ msgid "Kerberos server address" +#~ msgstr "Adres serwera Kerberos" -#: src/tools/sss_cache.c:536 -#, c-format -msgid "Couldn't invalidate %1$s\n" -msgstr "Nie można unieważnić %1$s\n" +#~ msgid "Kerberos backup server address" +#~ msgstr "Adres zapasowego serwera Kerberos" -#: src/tools/sss_cache.c:543 -#, c-format -msgid "Couldn't invalidate %1$s %2$s\n" -msgstr "Nie można unieważnić %1$s %2$s\n" +#~ msgid "Kerberos realm" +#~ msgstr "Obszar Kerberos" -#: src/tools/sss_cache.c:721 -msgid "Invalidate all cached entries" -msgstr "Unieważnia wszystkie wpisy w pamięci podręcznej" +#~ msgid "Authentication timeout" +#~ msgstr "Czas oczekiwania na uwierzytelnienie" -#: src/tools/sss_cache.c:723 -msgid "Invalidate particular user" -msgstr "Unieważnia podanego użytkownika" +#~ msgid "Whether to create kdcinfo files" +#~ msgstr "Określa, czy tworzyć pliki kdcinfo" -#: src/tools/sss_cache.c:725 -msgid "Invalidate all users" -msgstr "Unieważnia wszystkich użytkowników" +#~ msgid "Where to drop krb5 config snippets" +#~ msgstr "Gdzie umieścić wstawki konfiguracji krb5" -#: src/tools/sss_cache.c:727 -msgid "Invalidate particular group" -msgstr "Unieważnia podaną grupę" +#~ msgid "Directory to store credential caches" +#~ msgstr "" +#~ "Katalog do przechowywania pamięci podręcznych danych uwierzytelniających" -#: src/tools/sss_cache.c:729 -msgid "Invalidate all groups" -msgstr "Unieważnia wszystkie grupy" +#~ msgid "Location of the user's credential cache" +#~ msgstr "Położenie pamięci podręcznej danych uwierzytelniających użytkownika" -#: src/tools/sss_cache.c:731 -msgid "Invalidate particular netgroup" -msgstr "Unieważnia podaną grupę sieciową" +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Położenie tablicy kluczy do sprawdzania danych uwierzytelniających" -#: src/tools/sss_cache.c:733 -msgid "Invalidate all netgroups" -msgstr "Unieważnia wszystkie grupy sieciowe" +#~ msgid "Enable credential validation" +#~ msgstr "Włącza sprawdzanie danych uwierzytelniających" -#: src/tools/sss_cache.c:735 -msgid "Invalidate particular service" -msgstr "Unieważnia podaną usługę" +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "" +#~ "Przechowuje hasło, jeśli w trybie offline do późniejszego " +#~ "uwierzytelnienia w trybie online" -#: src/tools/sss_cache.c:737 -msgid "Invalidate all services" -msgstr "Unieważnia wszystkie usługi" +#~ msgid "Renewable lifetime of the TGT" +#~ msgstr "Odnawialny czas trwania TGT" -#: src/tools/sss_cache.c:740 -msgid "Invalidate particular autofs map" -msgstr "Unieważnia podaną mapę autofs" +#~ msgid "Lifetime of the TGT" +#~ msgstr "Czas trwania TGT" -#: src/tools/sss_cache.c:742 -msgid "Invalidate all autofs maps" -msgstr "Unieważnia wszystkie mapy autofs" +#~ msgid "Time between two checks for renewal" +#~ msgstr "Czas między dwoma sprawdzaniami odnowy" -#: src/tools/sss_cache.c:746 -msgid "Invalidate particular SSH host" -msgstr "Unieważnia konkretny komputer SSH" +#~ msgid "Enables FAST" +#~ msgstr "Włącza FAST" -#: src/tools/sss_cache.c:748 -msgid "Invalidate all SSH hosts" -msgstr "Unieważnia wszystkie komputery SSH" +#~ msgid "Selects the principal to use for FAST" +#~ msgstr "Wybiera naczelnika do użycia dla FAST" -#: src/tools/sss_cache.c:752 -msgid "Invalidate particular sudo rule" -msgstr "Unieważnia podaną regułę sudo" +#~ msgid "Enables principal canonicalization" +#~ msgstr "Włącza ujednolicanie naczelnika" -#: src/tools/sss_cache.c:754 -msgid "Invalidate all cached sudo rules" -msgstr "Unieważnia wszystkie reguły sudo w pamięci podręcznej" +#~ msgid "Enables enterprise principals" +#~ msgstr "Włącza naczelników enterprise" -#: src/tools/sss_cache.c:757 -msgid "Only invalidate entries from a particular domain" -msgstr "Unieważnia wpisy tylko z podanej domeny" +#~ msgid "A mapping from user names to Kerberos principal names" +#~ msgstr "Mapa nazw użytkowników do nazw naczelników Kerberos" -#: src/tools/sss_cache.c:811 -msgid "" -"Unexpected argument(s) provided, options that invalidate a single object " -"only accept a single provided argument.\n" -msgstr "" -"Podano nieoczekiwane parametry, opcje unieważniające jeden obiekt przyjmują " -"tylko jeden podany parametr.\n" +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "" +#~ "Serwer, w którym jest uruchomiona usługa zmiany haseł, jeśli nie znajduje " +#~ "się w KDC" -#: src/tools/sss_cache.c:821 -msgid "Please select at least one object to invalidate\n" -msgstr "Proszę wybrać co najmniej jeden obiekt do unieważnienia\n" +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, adres URI serwera LDAP" -#: src/tools/sss_cache.c:904 -#, c-format -msgid "" -"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " -"use fully qualified name instead of --domain/-d parameter.\n" -msgstr "" -"Nie można otworzyć domeny %1$s. Jeśli domena jest poddomeną (zaufaną " -"domeną), należy użyć w pełni kwalifikowanej nazwy zamiast parametru --" -"domain/-d.\n" +#~ msgid "ldap_backup_uri, The URI of the LDAP server" +#~ msgstr "ldap_backup_uri, adres URI serwera LDAP" -#: src/tools/sss_cache.c:909 -msgid "Could not open available domains\n" -msgstr "Nie można otworzyć dostępnych domen\n" +#~ msgid "The default base DN" +#~ msgstr "Domyślna podstawowa DN" -#: src/tools/tools_util.c:202 -#, c-format -msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" -msgstr "Nazwa „%1$s” nie jest FQDN (ustawione jest „%2$s = TRUE”)\n" +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Typ Schema do użycia na serwerze LDAP, RFC2307" -#: src/tools/tools_util.c:309 -msgid "Out of memory\n" -msgstr "Brak pamięci\n" +#~ msgid "Mode used to change user password" +#~ msgstr "Tryb używany do zmiany hasła użytkownika" -#: src/tools/tools_util.h:40 -#, c-format -msgid "%1$s must be run as root\n" -msgstr "%1$s musi zostać uruchomione jako root\n" +#~ msgid "The default bind DN" +#~ msgstr "Domyślne DN dowiązania" -#: src/tools/sssctl/sssctl.c:35 -msgid "yes" -msgstr "tak" +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "Typ tokenu uwierzytelniania domyślnego DN dowiązania" -#: src/tools/sssctl/sssctl.c:37 -msgid "no" -msgstr "nie" +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "Token uwierzytelniania domyślnego DN dowiązania" -#: src/tools/sssctl/sssctl.c:39 -msgid "error" -msgstr "błąd" +#~ msgid "Length of time to attempt connection" +#~ msgstr "Czas do próby połączenia" -#: src/tools/sssctl/sssctl.c:42 -msgid "Invalid result." -msgstr "Nieprawidłowy wynik." +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Czas do próby synchronicznych działań LDAP" -#: src/tools/sssctl/sssctl.c:78 -msgid "Unable to read user input\n" -msgstr "Nie można odczytać wejścia użytkownika\n" +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "Czas między próbami ponownego połączenia w trybie offline" -#: src/tools/sssctl/sssctl.c:91 -#, c-format -msgid "Invalid input, please provide either '%s' or '%s'.\n" -msgstr "Nieprawidłowe wejście, proszę podać „%s” lub „%s”.\n" +#~ msgid "Use only the upper case for realm names" +#~ msgstr "Użycie tylko wielkich znaków w nazwach obszarów" -#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 -msgid "Error while executing external command\n" -msgstr "Błąd podczas wykonywania polecenia zewnętrznego\n" +#~ msgid "File that contains CA certificates" +#~ msgstr "Plik zawierający certyfikaty CA" -#: src/tools/sssctl/sssctl.c:156 -msgid "SSSD needs to be running. Start SSSD now?" -msgstr "Usługa SSSD musi być uruchomiona. Uruchomić ją teraz?" +#~ msgid "Path to CA certificate directory" +#~ msgstr "Ścieżka do katalogu certyfikatów CA" -#: src/tools/sssctl/sssctl.c:195 -msgid "SSSD must not be running. Stop SSSD now?" -msgstr "Usługa SSSD nie może być uruchomiona. Zatrzymać ją teraz?" +#~ msgid "File that contains the client certificate" +#~ msgstr "Plik zawierający certyfikat klienta" -#: src/tools/sssctl/sssctl.c:231 -msgid "SSSD needs to be restarted. Restart SSSD now?" -msgstr "Usługa SSSD musi zostać ponownie uruchomiona. Zrobić to teraz?" +#~ msgid "File that contains the client key" +#~ msgstr "Plik zawierający klucz klienta" -#: src/tools/sssctl/sssctl_cache.c:31 -#, c-format -msgid " %s is not present in cache.\n" -msgstr " %s nie jest w pamięci podręcznej.\n" +#~ msgid "List of possible ciphers suites" +#~ msgstr "Lista możliwych zestawów szyfrów" -#: src/tools/sssctl/sssctl_cache.c:33 -msgid "Name" -msgstr "Nazwa" +#~ msgid "Require TLS certificate verification" +#~ msgstr "Wymaga sprawdzenia certyfikatu TLS" -#: src/tools/sssctl/sssctl_cache.c:34 -msgid "Cache entry creation date" -msgstr "Data utworzenia wpisu pamięci podręcznej" +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Podaje używany mechanizm SASL" -#: src/tools/sssctl/sssctl_cache.c:35 -msgid "Cache entry last update time" -msgstr "Czas ostatniej aktualizacji wpisu pamięci podręcznej" +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Podaje używany identyfikator upoważnienia SASL" -#: src/tools/sssctl/sssctl_cache.c:36 -msgid "Cache entry expiration time" -msgstr "Czas wygaśnięcia wpisu pamięci podręcznej" +#~ msgid "Specify the sasl authorization realm to use" +#~ msgstr "Podaje obszar upoważnienia SASL do użycia" -#: src/tools/sssctl/sssctl_cache.c:37 -msgid "Cached in InfoPipe" -msgstr "Umieszczono w pamięci podręcznej w InfoPipe" +#~ msgid "Specify the minimal SSF for LDAP sasl authorization" +#~ msgstr "Podaje minimalne SSF dla upoważnienia sasl LDAP" -#: src/tools/sssctl/sssctl_cache.c:522 -#, c-format -msgid "Error: Unable to get object [%d]: %s\n" -msgstr "Błąd: nie można uzyskać obiektu [%d]: %s\n" +#~ msgid "Kerberos service keytab" +#~ msgstr "Tablica kluczy usługi Kerberos" -#: src/tools/sssctl/sssctl_cache.c:538 -#, c-format -msgid "%s: Unable to read value [%d]: %s\n" -msgstr "%s: nie można odczytać wartości [%d]: %s\n" +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Używa uwierzytelniania Kerberos dla połączenia LDAP" -#: src/tools/sssctl/sssctl_cache.c:566 -msgid "Specify name." -msgstr "Należy podać nazwę." +#~ msgid "Follow LDAP referrals" +#~ msgstr "Podąża za odsyłaniami LDAP" -#: src/tools/sssctl/sssctl_cache.c:576 -#, c-format -msgid "Unable to parse name %s.\n" -msgstr "Nie można przetworzyć nazwy %s.\n" +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "Czas trwania TGT dla połączenia LDAP" -#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 -msgid "Search by SID" -msgstr "Wyszukuje według SID" +#~ msgid "How to dereference aliases" +#~ msgstr "Jak wskazywać aliasy" -#: src/tools/sssctl/sssctl_cache.c:603 -msgid "Search by user ID" -msgstr "Wyszukuje według identyfikatorów użytkowników" +#~ msgid "Service name for DNS service lookups" +#~ msgstr "Nazwa usługi do wyszukiwań usługi DNS" -#: src/tools/sssctl/sssctl_cache.c:612 -msgid "Initgroups expiration time" -msgstr "Czas wygaśnięcia grup inicjacji" +#~ msgid "The number of records to retrieve in a single LDAP query" +#~ msgstr "Liczba wpisów do pobrania w jednym zapytaniu LDAP" -#: src/tools/sssctl/sssctl_cache.c:650 -msgid "Search by group ID" -msgstr "Wyszukuje według identyfikatorów grup" +#~ msgid "The number of members that must be missing to trigger a full deref" +#~ msgstr "Suma liczb, których musi brakować, aby wywołać pełne „deref”" -#: src/tools/sssctl/sssctl_config.c:70 -#, fuzzy, c-format -msgid "Failed to open %s\n" -msgstr "Nie można przetworzyć nazwy %s.\n" +#~ msgid "" +#~ "Whether the LDAP library should perform a reverse lookup to canonicalize " +#~ "the host name during a SASL bind" +#~ msgstr "" +#~ "Określa, czy biblioteka LDAP ma wykonywać odwrotne wyszukanie, aby " +#~ "ujednolicić nazwę komputera podczas dowiązania SASL" -#: src/tools/sssctl/sssctl_config.c:75 -#, fuzzy, c-format -msgid "File %1$s does not exist.\n" -msgstr "Gniazdo SSSD nie istnieje." +#~ msgid "entryUSN attribute" +#~ msgstr "Atrybut entryUSN" -#: src/tools/sssctl/sssctl_config.c:79 -msgid "" -"File ownership and permissions check failed. Expected root:root and 0600.\n" -msgstr "" -"Sprawdzenie właściciela i uprawnień pliku się nie powiodło. Oczekiwano root:" -"root i 0600.\n" +#~ msgid "lastUSN attribute" +#~ msgstr "Atrybut lastUSN" -#: src/tools/sssctl/sssctl_config.c:85 -#, c-format -msgid "Failed to load configuration configuration from %s.\n" -msgstr "" +#~ msgid "" +#~ "How long to retain a connection to the LDAP server before disconnecting" +#~ msgstr "Jak długo utrzymywać połączenie z serwerem LDAP przed rozłączeniem" -#: src/tools/sssctl/sssctl_config.c:91 -msgid "Error while reading configuration directory.\n" -msgstr "" +#~ msgid "Disable the LDAP paging control" +#~ msgstr "Wyłącza kontrolę stronicowania LDAP" -#: src/tools/sssctl/sssctl_config.c:99 -#, fuzzy -msgid "" -"There is no configuration. SSSD will use default configuration with files " -"provider.\n" -msgstr "" -"Plik %1$s nie istnieje. Usługa SSSD użyje domyślnej konfiguracji z dostawcą " -"plików.\n" +#~ msgid "Disable Active Directory range retrieval" +#~ msgstr "Wyłącza pobieranie zakresu Active Directory" -#: src/tools/sssctl/sssctl_config.c:111 -msgid "Failed to run validators" -msgstr "" +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Czas oczekiwania na żądanie wyszukiwania" -#: src/tools/sssctl/sssctl_config.c:115 -#, c-format -msgid "Issues identified by validators: %zu\n" -msgstr "Problemy zidentyfikowane przez programy sprawdzające poprawność: %zu\n" +#~ msgid "Length of time to wait for a enumeration request" +#~ msgstr "Czas oczekiwania na żądanie wyliczenia" -#: src/tools/sssctl/sssctl_config.c:126 -#, c-format -msgid "Messages generated during configuration merging: %zu\n" -msgstr "Komunikaty utworzone podczas łączenia konfiguracji: %zu\n" +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Czas między aktualizacjami wyliczania" -#: src/tools/sssctl/sssctl_config.c:137 -#, fuzzy, c-format -msgid "Used configuration snippet files: %zu\n" -msgstr "Użyte pliki wstawek konfiguracji: %u\n" +#~ msgid "Length of time between cache cleanups" +#~ msgstr "Czas między czyszczeniem pamięci podręcznej" -#: src/tools/sssctl/sssctl_data.c:89 -#, c-format -msgid "Unable to create backup directory [%d]: %s" -msgstr "Nie można utworzyć katalogu kopii zapasowej [%d]: %s" +#~ msgid "Require TLS for ID lookups" +#~ msgstr "Wymaga TLS dla wyszukiwania identyfikatorów" -#: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exists, override?" -msgstr "Kopia zapasowa SSSD lokalnych danych już istnieje, zastąpić?" +#~ msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#~ msgstr "" +#~ "Używa mapowania identyfikatorów objectSID zamiast uprzednio ustawionych " +#~ "identyfikatorów" -#: src/tools/sssctl/sssctl_data.c:111 -msgid "Unable to export user overrides\n" -msgstr "Nie można wyeksportować zastąpień użytkownika\n" +#~ msgid "Base DN for user lookups" +#~ msgstr "Podstawowe DN dla wyszukiwania użytkowników" -#: src/tools/sssctl/sssctl_data.c:118 -msgid "Unable to export group overrides\n" -msgstr "Nie można wyeksportować zastąpień grupy\n" +#~ msgid "Scope of user lookups" +#~ msgstr "Zakres wyszukiwania użytkowników" -#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 -msgid "Override existing backup" -msgstr "Zastępuje istniejącą kopię zapasową" +#~ msgid "Filter for user lookups" +#~ msgstr "Filtruje wyszukiwania użytkowników" -#: src/tools/sssctl/sssctl_data.c:164 -msgid "Unable to import user overrides\n" -msgstr "Nie można zaimportować zastąpień użytkownika\n" +#~ msgid "Objectclass for users" +#~ msgstr "Klasa obiektów dla użytkowników" -#: src/tools/sssctl/sssctl_data.c:173 -msgid "Unable to import group overrides\n" -msgstr "Nie można zaimportować zastąpień grupy\n" +#~ msgid "Username attribute" +#~ msgstr "Atrybut nazwy użytkownika" -#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 -#: src/tools/sssctl/sssctl_domains.c:328 -msgid "Start SSSD if it is not running" -msgstr "Uruchamia usługę SSSD, jeśli nie jest uruchomiona" +#~ msgid "UID attribute" +#~ msgstr "Atrybut UID" -#: src/tools/sssctl/sssctl_data.c:195 -msgid "Restart SSSD after data import" -msgstr "Ponownie uruchamia usługę SSSD po imporcie danych" +#~ msgid "Primary GID attribute" +#~ msgstr "Pierwszy atrybut GID" -#: src/tools/sssctl/sssctl_data.c:218 -msgid "Create clean cache files and import local data" -msgstr "Tworzy czyste pliki pamięci podręcznej i importuje lokalne dane" +#~ msgid "GECOS attribute" +#~ msgstr "Atrybut GECOS" -#: src/tools/sssctl/sssctl_data.c:219 -msgid "Stop SSSD before removing the cache" -msgstr "Zatrzymuje usługę SSSD przed usunięciem pamięci podręcznej" +#~ msgid "Home directory attribute" +#~ msgstr "Atrybut katalogu domowego" -#: src/tools/sssctl/sssctl_data.c:220 -msgid "Start SSSD when the cache is removed" -msgstr "Uruchamia usługę SSSD po usunięciu pamięci podręcznej" +#~ msgid "Shell attribute" +#~ msgstr "Atrybut powłoki" -#: src/tools/sssctl/sssctl_data.c:235 -msgid "Creating backup of local data...\n" -msgstr "Tworzenie kopii zapasowej lokalnych danych…\n" +#~ msgid "UUID attribute" +#~ msgstr "Atrybut UUID" -#: src/tools/sssctl/sssctl_data.c:238 -msgid "Unable to create backup of local data, can not remove the cache.\n" -msgstr "" -"Nie można utworzyć kopii zapasowej lokalnych danych, nie można usunąć " -"pamięci podręcznej.\n" +#~ msgid "objectSID attribute" +#~ msgstr "Atrybut objectSID" -#: src/tools/sssctl/sssctl_data.c:243 -msgid "Removing cache files...\n" -msgstr "Usuwanie plików pamięci podręcznej…\n" +#~ msgid "Active Directory primary group attribute for ID-mapping" +#~ msgstr "" +#~ "Atrybut głównej grupy Active Directory dla mapowania identyfikatorów" -#: src/tools/sssctl/sssctl_data.c:246 -msgid "Unable to remove cache files\n" -msgstr "Nie można usunąć plików pamięci podręcznej\n" +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Atrybut głównego użytkownika (dla Kerberos)" -#: src/tools/sssctl/sssctl_data.c:251 -msgid "Restoring local data...\n" -msgstr "Przywracanie lokalnych danych…\n" +#~ msgid "Full Name" +#~ msgstr "Imię i nazwisko" -#: src/tools/sssctl/sssctl_domains.c:83 -msgid "Show domain list including primary or trusted domain type" -msgstr "Wyświetla listę domen, w tym główny i zaufany typ domeny" +#~ msgid "memberOf attribute" +#~ msgstr "Atrybut memberOf" -#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 -#: src/tools/sssctl/sssctl_user_checks.c:95 -msgid "Unable to connect to system bus!\n" -msgstr "Nie można połączyć się z magistralą systemową.\n" +#~ msgid "Modification time attribute" +#~ msgstr "Atrybut czasu modyfikacji" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Online" -msgstr "Online" +#~ msgid "shadowLastChange attribute" +#~ msgstr "Atrybut shadowLastChange" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Offline" -msgstr "Offline" +#~ msgid "shadowMin attribute" +#~ msgstr "Atrybut shadowMin" -#: src/tools/sssctl/sssctl_domains.c:167 -#, c-format -msgid "Online status: %s\n" -msgstr "Stan online: %s\n" +#~ msgid "shadowMax attribute" +#~ msgstr "Atrybut shadowMax" -#: src/tools/sssctl/sssctl_domains.c:213 -#, fuzzy -msgid "This domain has no active servers.\n" -msgstr "Wyświetla informacje o aktywnym serwerze" +#~ msgid "shadowWarning attribute" +#~ msgstr "Atrybut shadowWarning" -#: src/tools/sssctl/sssctl_domains.c:218 -msgid "Active servers:\n" -msgstr "Aktywne serwery:\n" +#~ msgid "shadowInactive attribute" +#~ msgstr "Atrybut shadowInactive" -#: src/tools/sssctl/sssctl_domains.c:230 -msgid "not connected" -msgstr "nie połączono" +#~ msgid "shadowExpire attribute" +#~ msgstr "Atrybut shadowExpire" -#: src/tools/sssctl/sssctl_domains.c:267 -msgid "No servers discovered.\n" -msgstr "" +#~ msgid "shadowFlag attribute" +#~ msgstr "Atrybut shadowFlag" -#: src/tools/sssctl/sssctl_domains.c:273 -#, c-format -msgid "Discovered %s servers:\n" -msgstr "Wykryte serwery (%s):\n" +#~ msgid "Attribute listing authorized PAM services" +#~ msgstr "Atrybut zawierający listę upoważnionych usług PAM" -#: src/tools/sssctl/sssctl_domains.c:285 -msgid "None so far.\n" -msgstr "Jeszcze nic.\n" +#~ msgid "Attribute listing authorized server hosts" +#~ msgstr "Atrybut zawierający listę upoważnionych komputerów serwerowych" -#: src/tools/sssctl/sssctl_domains.c:325 -msgid "Show online status" -msgstr "Wyświetla stan online" +#~ msgid "Attribute listing authorized server rhosts" +#~ msgstr "Atrybut zawierający listę upoważnionych rhosts serwera" -#: src/tools/sssctl/sssctl_domains.c:326 -msgid "Show information about active server" -msgstr "Wyświetla informacje o aktywnym serwerze" +#~ msgid "krbLastPwdChange attribute" +#~ msgstr "Atrybut krbLastPwdChange" -#: src/tools/sssctl/sssctl_domains.c:327 -msgid "Show list of discovered servers" -msgstr "Wyświetla listę wykrytych serwerów" +#~ msgid "krbPasswordExpiration attribute" +#~ msgstr "Atrybut krbPasswordExpiration" -#: src/tools/sssctl/sssctl_domains.c:333 -msgid "Specify domain name." -msgstr "Należy podać nazwę domeny." +#~ msgid "Attribute indicating that server side password policies are active" +#~ msgstr "" +#~ "Atrybut wskazujący, czy polityki haseł po stronie serwera są aktywne" -#: src/tools/sssctl/sssctl_domains.c:355 -msgid "Out of memory!\n" -msgstr "Brak pamięci.\n" +#~ msgid "accountExpires attribute of AD" +#~ msgstr "Atrybut accountExpires AD" -#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 -msgid "Unable to get online status\n" -msgstr "Nie można uzyskać stanu online\n" +#~ msgid "userAccountControl attribute of AD" +#~ msgstr "Atrybut userAccountControl AD" -#: src/tools/sssctl/sssctl_domains.c:395 -msgid "Unable to get server list\n" -msgstr "Nie można uzyskać listy serwerów\n" +#~ msgid "nsAccountLock attribute" +#~ msgstr "Atrybut nsAccountLock" -#: src/tools/sssctl/sssctl_logs.c:47 -msgid "\n" -msgstr "\n" +#~ msgid "loginDisabled attribute of NDS" +#~ msgstr "Atrybut loginDisabled NDS" -#: src/tools/sssctl/sssctl_logs.c:237 -msgid "Delete log files instead of truncating" -msgstr "Usuwa pliki dziennika zamiast ich skracania" +#~ msgid "loginExpirationTime attribute of NDS" +#~ msgstr "Atrybut loginExpirationTime NDS" -#: src/tools/sssctl/sssctl_logs.c:248 -msgid "Deleting log files...\n" -msgstr "Usuwanie plików dziennika…\n" +#~ msgid "loginAllowedTimeMap attribute of NDS" +#~ msgstr "Atrybut loginAllowedTimeMap NDS" -#: src/tools/sssctl/sssctl_logs.c:251 -msgid "Unable to remove log files\n" -msgstr "Nie można usunąć plików dziennika\n" +#~ msgid "SSH public key attribute" +#~ msgstr "Atrybut klucza publicznego SSH" -#: src/tools/sssctl/sssctl_logs.c:257 -msgid "Truncating log files...\n" -msgstr "Skracanie plików dziennika…\n" +#~ msgid "attribute listing allowed authentication types for a user" +#~ msgstr "" +#~ "atrybut zawierający listę dozwolonych typów uwierzytelniania dla " +#~ "użytkownika" -#: src/tools/sssctl/sssctl_logs.c:260 -msgid "Unable to truncate log files\n" -msgstr "Nie można skrócić plików dziennika\n" +#~ msgid "attribute containing the X509 certificate of the user" +#~ msgstr "atrybut zawierający certyfikat X509 użytkownika" -#: src/tools/sssctl/sssctl_logs.c:286 -msgid "Out of memory!" -msgstr "Brak pamięci." +#~ msgid "attribute containing the email address of the user" +#~ msgstr "atrybut zawierający adres e-mail użytkownika" -#: src/tools/sssctl/sssctl_logs.c:289 -#, c-format -msgid "Archiving log files into %s...\n" -msgstr "Archiwizowanie plików dziennika w %s…\n" +#~ msgid "A list of extra attributes to download along with the user entry" +#~ msgstr "Lista dodatkowych atrybutów do pobrania razem z wpisem użytkownika" -#: src/tools/sssctl/sssctl_logs.c:292 -msgid "Unable to archive log files\n" -msgstr "Nie można zarchiwizować plików dziennika\n" +#~ msgid "Base DN for group lookups" +#~ msgstr "Podstawowe DN dla wyszukiwania grup" -#: src/tools/sssctl/sssctl_logs.c:317 -msgid "Specify debug level you want to set" -msgstr "Podaje poziom debugowania do ustawienia" +#~ msgid "Objectclass for groups" +#~ msgstr "Klasa obiektów dla grup" -#: src/tools/sssctl/sssctl_user_checks.c:117 -msgid "SSSD InfoPipe user lookup result:\n" -msgstr "Wynik wyszukiwania użytkownika InfoPipe usługi SSSD:\n" +#~ msgid "Group name" +#~ msgstr "Nazwa grupy" -#: src/tools/sssctl/sssctl_user_checks.c:167 -#, c-format -msgid "dlopen failed with [%s].\n" -msgstr "dlopen się nie powiodło z [%s].\n" +#~ msgid "Group password" +#~ msgstr "Hasło grupy" -#: src/tools/sssctl/sssctl_user_checks.c:174 -#, c-format -msgid "dlsym failed with [%s].\n" -msgstr "dlsym się nie powiodło z [%s].\n" +#~ msgid "GID attribute" +#~ msgstr "Atrybut GID" -#: src/tools/sssctl/sssctl_user_checks.c:182 -msgid "malloc failed.\n" -msgstr "malloc się nie powiodło.\n" +#~ msgid "Group member attribute" +#~ msgstr "Atrybut elementu grupy" -#: src/tools/sssctl/sssctl_user_checks.c:189 -#, c-format -msgid "sss_getpwnam_r failed with [%d].\n" -msgstr "sss_getpwnam_r się nie powiodło z [%d].\n" +#~ msgid "Group UUID attribute" +#~ msgstr "Atrybut UUID grupy" -#: src/tools/sssctl/sssctl_user_checks.c:194 -msgid "SSSD nss user lookup result:\n" -msgstr "Wynik wyszukiwania użytkownika NSS usługi SSSD:\n" +#~ msgid "Modification time attribute for groups" +#~ msgstr "Atrybut czasu modyfikacji grup" -#: src/tools/sssctl/sssctl_user_checks.c:195 -#, c-format -msgid " - user name: %s\n" -msgstr " — nazwa użytkownika: %s\n" +#~ msgid "Type of the group and other flags" +#~ msgstr "Typ grupy i inne flagi" -#: src/tools/sssctl/sssctl_user_checks.c:196 -#, c-format -msgid " - user id: %d\n" -msgstr " — identyfikator użytkownika: %d\n" +#~ msgid "The LDAP group external member attribute" +#~ msgstr "Atrybut zewnętrznego członka grupy LDAP" -#: src/tools/sssctl/sssctl_user_checks.c:197 -#, c-format -msgid " - group id: %d\n" -msgstr " — identyfikator grupy: %d\n" +#~ msgid "Maximum nesting level SSSD will follow" +#~ msgstr "Maksymalny poziom zagnieżdżenia, jaki usługa SSSD będzie używała" -#: src/tools/sssctl/sssctl_user_checks.c:198 -#, c-format -msgid " - gecos: %s\n" -msgstr " — GECOS: %s\n" +#~ msgid "Base DN for netgroup lookups" +#~ msgstr "Podstawowe DN dla wyszukiwania grupy sieciowej" -#: src/tools/sssctl/sssctl_user_checks.c:199 -#, c-format -msgid " - home directory: %s\n" -msgstr " — katalog domowy: %s\n" +#~ msgid "Objectclass for netgroups" +#~ msgstr "Klasa obiektów dla grup sieciowych" -#: src/tools/sssctl/sssctl_user_checks.c:200 -#, c-format -msgid "" -" - shell: %s\n" -"\n" -msgstr "" -" — powłoka: %s\n" -"\n" +#~ msgid "Netgroup name" +#~ msgstr "Nazwa grupy sieciowej" -#: src/tools/sssctl/sssctl_user_checks.c:232 -msgid "PAM action [auth|acct|setc|chau|open|clos], default: " -msgstr "Działanie PAM [auth|acct|setc|chau|open|clos], domyślnie: " +#~ msgid "Netgroups members attribute" +#~ msgstr "Atrybut elementów grupy sieciowej" -#: src/tools/sssctl/sssctl_user_checks.c:235 -msgid "PAM service, default: " -msgstr "Usługa PAM, domyślnie: " +#~ msgid "Netgroup triple attribute" +#~ msgstr "Potrójny atrybut grupy sieciowej" -#: src/tools/sssctl/sssctl_user_checks.c:240 -msgid "Specify user name." -msgstr "Należy podać nazwę użytkownika." +#~ msgid "Modification time attribute for netgroups" +#~ msgstr "Atrybut czasu modyfikacji grup sieciowych" -#: src/tools/sssctl/sssctl_user_checks.c:247 -#, c-format -msgid "" -"user: %s\n" -"action: %s\n" -"service: %s\n" -"\n" -msgstr "" -"użytkownik: %s\n" -"działanie: %s\n" -"usługa: %s\n" -"\n" +#~ msgid "Base DN for service lookups" +#~ msgstr "Podstawowe DN do wyszukiwania usług" -#: src/tools/sssctl/sssctl_user_checks.c:252 -#, c-format -msgid "User name lookup with [%s] failed.\n" -msgstr "Wyszukanie nazwy użytkownika [%s] się nie powiodło.\n" +#~ msgid "Objectclass for services" +#~ msgstr "Klasa obiektów dla usług" -#: src/tools/sssctl/sssctl_user_checks.c:257 -#, c-format -msgid "InfoPipe User lookup with [%s] failed.\n" -msgstr "InfoPipe Wyszukanie użytkownika z [%s] się nie powiodło.\n" +#~ msgid "Service name attribute" +#~ msgstr "Atrybut nazwy usługi" -#: src/tools/sssctl/sssctl_user_checks.c:263 -#, c-format -msgid "pam_start failed: %s\n" -msgstr "pam_start się nie powiodło: %s\n" +#~ msgid "Service port attribute" +#~ msgstr "Atrybut portu usługi" -#: src/tools/sssctl/sssctl_user_checks.c:268 -msgid "" -"testing pam_authenticate\n" -"\n" -msgstr "" -"testowanie pam_authenticate\n" -"\n" +#~ msgid "Service protocol attribute" +#~ msgstr "Atrybut protokołu usługi" -#: src/tools/sssctl/sssctl_user_checks.c:272 -#, c-format -msgid "pam_get_item failed: %s\n" -msgstr "pam_get_item się nie powiodło: %s\n" +#~ msgid "Lower bound for ID-mapping" +#~ msgstr "Niższa granica dla mapowania identyfikatorów" -#: src/tools/sssctl/sssctl_user_checks.c:275 -#, c-format -msgid "" -"pam_authenticate for user [%s]: %s\n" -"\n" -msgstr "" -"pam_authenticate dla użytkownika [%s]: %s\n" -"\n" +#~ msgid "Upper bound for ID-mapping" +#~ msgstr "Wyższa granica dla mapowania identyfikatorów" -#: src/tools/sssctl/sssctl_user_checks.c:278 -msgid "" -"testing pam_chauthtok\n" -"\n" -msgstr "" -"testowanie pam_chauthtok\n" -"\n" +#~ msgid "Number of IDs for each slice when ID-mapping" +#~ msgstr "" +#~ "Liczba identyfikatorów dla każdego fragmentu podczas mapowania " +#~ "identyfikatorów" -#: src/tools/sssctl/sssctl_user_checks.c:280 -#, c-format -msgid "" -"pam_chauthtok: %s\n" -"\n" -msgstr "" -"pam_chauthtok: %s\n" -"\n" +#~ msgid "Use autorid-compatible algorithm for ID-mapping" +#~ msgstr "Używa algorytmu zgodnego z autorid do mapowania identyfikatorów" -#: src/tools/sssctl/sssctl_user_checks.c:282 -msgid "" -"testing pam_acct_mgmt\n" -"\n" -msgstr "" -"testowanie pam_acct_mgmt\n" -"\n" +#~ msgid "Name of the default domain for ID-mapping" +#~ msgstr "Nazwa domyślnej domeny dla mapowania identyfikatorów" -#: src/tools/sssctl/sssctl_user_checks.c:284 -#, c-format -msgid "" -"pam_acct_mgmt: %s\n" -"\n" -msgstr "" -"pam_acct_mgmt: %s\n" -"\n" +#~ msgid "SID of the default domain for ID-mapping" +#~ msgstr "SID domyślnej domeny dla mapowania identyfikatorów" -#: src/tools/sssctl/sssctl_user_checks.c:286 -msgid "" -"testing pam_setcred\n" -"\n" -msgstr "" -"testowanie pam_setcred\n" -"\n" +#~ msgid "Number of secondary slices" +#~ msgstr "Liczba drugorzędnych fragmentów" -#: src/tools/sssctl/sssctl_user_checks.c:288 -#, c-format -msgid "" -"pam_setcred: [%s]\n" -"\n" -msgstr "" -"pam_setcred: [%s]\n" -"\n" +#~ msgid "Whether to use Token-Groups" +#~ msgstr "Czy używać Token-Groups" -#: src/tools/sssctl/sssctl_user_checks.c:290 -msgid "" -"testing pam_open_session\n" -"\n" -msgstr "" -"testowanie pam_open_session\n" -"\n" +#~ msgid "Set lower boundary for allowed IDs from the LDAP server" +#~ msgstr "" +#~ "Ustawia dolną granicę dla dozwolonych identyfikatorów z serwera LDAP" -#: src/tools/sssctl/sssctl_user_checks.c:292 -#, c-format -msgid "" -"pam_open_session: %s\n" -"\n" -msgstr "" -"pam_open_session: %s\n" -"\n" +#~ msgid "Set upper boundary for allowed IDs from the LDAP server" +#~ msgstr "" +#~ "Ustawia górną granicę dla dozwolonych identyfikatorów z serwera LDAP" -#: src/tools/sssctl/sssctl_user_checks.c:294 -msgid "" -"testing pam_close_session\n" -"\n" -msgstr "" -"testowanie pam_close_session\n" -"\n" +#~ msgid "DN for ppolicy queries" +#~ msgstr "DN dla zapytań polityki" -#: src/tools/sssctl/sssctl_user_checks.c:296 -#, c-format -msgid "" -"pam_close_session: %s\n" -"\n" -msgstr "" -"pam_close_session: %s\n" -"\n" +#~ msgid "How many maximum entries to fetch during a wildcard request" +#~ msgstr "Ile maksymalnie wpisów pobierać podczas żądania z wieloznacznikiem" -#: src/tools/sssctl/sssctl_user_checks.c:298 -msgid "unknown action\n" -msgstr "nieznane działanie\n" +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Polityka do oszacowania wygaszenia hasła" -#: src/tools/sssctl/sssctl_user_checks.c:301 -msgid "PAM Environment:\n" -msgstr "Środowisko PAM:\n" +#~ msgid "Which attributes shall be used to evaluate if an account is expired" +#~ msgstr "Które atrybuty mają być używane do sprawdzenia, czy konto wygasło" -#: src/tools/sssctl/sssctl_user_checks.c:309 -msgid " - no env -\n" -msgstr " — brak środowiska —\n" +#~ msgid "Which rules should be used to evaluate access control" +#~ msgstr "Które reguły mają być używane do sprawdzania kontroli dostępu" -#: src/util/util.h:82 -msgid "The user ID to run the server as" -msgstr "Identyfikator użytkownika, jako który uruchomić serwer" +#~ msgid "URI of an LDAP server where password changes are allowed" +#~ msgstr "Adres URI serwera LDAP, gdzie zmiany hasła są dozwolone" -#: src/util/util.h:84 -msgid "The group ID to run the server as" -msgstr "Identyfikator grupy, jako którą uruchomić serwer" +#~ msgid "URI of a backup LDAP server where password changes are allowed" +#~ msgstr "Adres URI zapasowego serwera LDAP, gdzie zmiany hasła są dozwolone" -#: src/util/util.h:92 -msgid "Informs that the responder has been socket-activated" -msgstr "Informuje, że program odpowiadający został aktywowany gniazdem" +#~ msgid "DNS service name for LDAP password change server" +#~ msgstr "Nazwa usługi DNS serwera zmiany hasła LDAP" -#: src/util/util.h:94 -msgid "Informs that the responder has been dbus-activated" -msgstr "Informuje, że program odpowiadający został aktywowany magistralą D-Bus" +#~ msgid "" +#~ "Whether to update the ldap_user_shadow_last_change attribute after a " +#~ "password change" +#~ msgstr "" +#~ "Określa, czy zaktualizować atrybut ldap_user_shadow_last_change po " +#~ "zmianie hasła" + +#~ msgid "Base DN for sudo rules lookups" +#~ msgstr "Podstawowe DN dla wyszukiwań reguł sudo" + +#~ msgid "Automatic full refresh period" +#~ msgstr "Okres między automatycznymi pełnymi odświeżeniami" + +#~ msgid "Automatic smart refresh period" +#~ msgstr "Okres między automatycznymi inteligentnymi odświeżeniami" + +#~ msgid "Whether to filter rules by hostname, IP addresses and network" +#~ msgstr "" +#~ "Określa, czy filtrować reguły według nazwy komputera, adresów IP i sieci" + +#~ msgid "" +#~ "Hostnames and/or fully qualified domain names of this machine to filter " +#~ "sudo rules" +#~ msgstr "" +#~ "Nazwy komputerów lub w pełni kwalifikowane nazwy domen tego komputera do " +#~ "filtrowania reguł sudo" + +#~ msgid "" +#~ "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +#~ msgstr "" +#~ "Adresy lub sieci IPv4 lub IPv6 tego komputera do filtrowania reguł sudo" + +#~ msgid "Whether to include rules that contains netgroup in host attribute" +#~ msgstr "" +#~ "Określa, czy zawierać reguły zawierające grupy sieciowe w atrybucie " +#~ "komputera" + +#~ msgid "" +#~ "Whether to include rules that contains regular expression in host " +#~ "attribute" +#~ msgstr "" +#~ "Określa, czy zawierać reguły zawierające wyrażenia regularne w atrybucie " +#~ "komputera" + +#~ msgid "Object class for sudo rules" +#~ msgstr "Klasa obiektów dla reguł sudo" + +#~ msgid "Name of attribute that is used as object class for sudo rules" +#~ msgstr "Nazwa atrybutu używanego jako klasa obiektów dla reguł sudo" + +#~ msgid "Sudo rule name" +#~ msgstr "Nazwa reguły sudo" + +#~ msgid "Sudo rule command attribute" +#~ msgstr "Atrybut polecenia reguły sudo" + +#~ msgid "Sudo rule host attribute" +#~ msgstr "Atrybut komputera reguły sudo" + +#~ msgid "Sudo rule user attribute" +#~ msgstr "Atrybut użytkownika reguły sudo" + +#~ msgid "Sudo rule option attribute" +#~ msgstr "Atrybut opcji reguły sudo" + +#~ msgid "Sudo rule runas attribute" +#~ msgstr "Atrybut runas reguły sudo" + +#~ msgid "Sudo rule runasuser attribute" +#~ msgstr "Atrybut runasuser reguły sudo" + +#~ msgid "Sudo rule runasgroup attribute" +#~ msgstr "Atrybut runasgroup reguły sudo" + +#~ msgid "Sudo rule notbefore attribute" +#~ msgstr "Atrybut notbefore reguły sudo" + +#~ msgid "Sudo rule notafter attribute" +#~ msgstr "Atrybut notafter reguły sudo" + +#~ msgid "Sudo rule order attribute" +#~ msgstr "Atrybut kolejności reguły sudo" + +#~ msgid "Object class for automounter maps" +#~ msgstr "Klasa obiektów dla map automountera" + +#~ msgid "Automounter map name attribute" +#~ msgstr "Atrybut nazwy mapy automountera" + +#~ msgid "Object class for automounter map entries" +#~ msgstr "Klasa obiektów dla wpisów map automountera" + +#~ msgid "Automounter map entry key attribute" +#~ msgstr "Atrybut klucza wpisu mapy automountera" + +#~ msgid "Automounter map entry value attribute" +#~ msgstr "Atrybut wartości wpisu mapy automountera" + +#~ msgid "Base DN for automounter map lookups" +#~ msgstr "Podstawowe DN dla wyszukiwań map automountera" + +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Lista dozwolonych użytkowników oddzielonych przecinkami" + +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Lista zabronionych użytkowników oddzielonych przecinkami" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Domyślna powłoka, /bin/bash" + +#~ msgid "Base for home directories" +#~ msgstr "Podstawa katalogów domowych" + +#~ msgid "The number of preforked proxy children." +#~ msgstr "Liczba elementów potomnych pośrednika przed rozwidleniem." + +#~ msgid "The name of the NSS library to use" +#~ msgstr "Nazwa używanej biblioteki NSS" + +#~ msgid "Whether to look up canonical group name from cache if possible" +#~ msgstr "" +#~ "Określa, czy wyszukiwać kanoniczną nazwę grupy w pamięci podręcznej, " +#~ "jeśli to możliwe" + +#~ msgid "PAM stack to use" +#~ msgstr "Używany stos PAM" + +#~ msgid "Path of passwd file sources." +#~ msgstr "Ścieżka źródeł pliku „passwd”." + +#~ msgid "Path of group file sources." +#~ msgstr "Ścieżka źródeł pliku „group”." diff --git a/po/pt.po b/po/pt.po index 6f983d38af..118df0b0b8 100644 --- a/po/pt.po +++ b/po/pt.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:47+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -19,1546 +19,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Definir a verbosidade dos registos de depuração" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Incluir data e hora nos registos de depuração" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Gravar as mensagens de depuração em ficheiros de registo" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Comando para iniciar serviço" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Número de vezes para tentar ligação aos Fornecedores de Dados" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Serviços SSSD a iniciar" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "Domínios SSSD a iniciar" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Limite de tempo para mensagens enviadas sobre SBUS" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "Expressão regular para obter nome do utilizar e domínio" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "Formato compatível com o printf para apresentar nomes completos" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "Validade da cache de enumeração (segundos)" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "Validade da actualização da cache em segundo plano (segundos)" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "Validade da cache negativa (segundos)" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Utilizadores que o SSSD devem explicitamente ignorar" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Grupos que o SSSD devem explicitamente ignorar" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Devem os utilizadores filtrados aparecer em grupos" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "O valor do campo da senha que o fornecedor NSS deve retornar" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" -"Durante quanto tempo devem ser permitidas as caches de sessões entre sessões " -"online (dias)" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" -"Quantas tentativas falhadas de inicio de sessão são permitidas quando offline" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" -"Quanto tempo (minutos) para negar a sessão após " -"offline_failed_login_attempts ter sido atingido" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Fornecedor de identidade" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Fornecedor de autenticação" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Fornecedor de controle de acesso" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Fornecedor de Alteração de Senha" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "ID de utilizador mínimo" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "ID de utilizador máximo" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Permitir enumeração de todos os utilizadores/grupos" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Efectuar cache de credenciais para sessões em modo desligado" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Apresentar utilizadores/grupos na forma completa" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Validade da cache (segundos)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" -"Restringir ou preferir famílias de endereços especificas quando efectua " -"consultas DNS" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" -"Durante quanto tempo devem ser permitidas as caches de sessões entre sessões " -"bem sucedidas (dias)" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "Domínio IPA" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "Endereço do servidor IPA" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "Nome da máquina do cliente IPA" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Endereço do servidor Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Reino Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Tempo de expiração da autenticação" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Directório para armazenar as caches de credenciais" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Localização da cache de credenciais dos utilizadores" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Localização da tabela de chaves (keytab) para validar credenciais" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Activar validação de credenciais" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" -"Servidor onde está em execução o serviço de alteração de senha, se não " -"coincide com o KDC" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, O URI do servidor LDAP" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "A base DN por omissão" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "O tipo de Schema em utilização no servidor LDAP, rfc2307" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "O DN por omissão para a ligação" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "O tipo de token de autenticação do bind DN por omissão" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "O token de autenticação do bind DN por omissão" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Período de tempo para tentar ligação" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Tempo de espera para tentar operações LDAP síncronas" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "Tempo de espera entre tentativas para re-conectar quando desligado" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Ficheiro que contêm os certificados CA" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Caminho para o directório do certificado CA" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Obriga a verificação de certificados TLS" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Especificar mecanismo sasl a utilizar" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Especifique o id sasl para utilizar na autorização" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Separador chave do serviço Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Utilizar autenticação Kerberos para ligações LDAP" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Seguir os referrals LDAP" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Tempo de espera por um pedido de pesquisa" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Período de tempo entre enumeração de actualizações" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "Requer TLS para consultas de ID" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "DN base para pesquisa de utilizadores" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Âmbito das pesquisas do utilizador" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Filtro para as pesquisas do utilizador" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Objectclass para utilizadores" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Atributo do nome do utilizador" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "Atributo UID" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Atributo GID primário" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "Atributo GECOS" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Atributo da pasta pessoal" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Atributo da Shell" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Atributo principal do utilizador (para Kerberos)" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Nome Completo" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "Atributo memberOf" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Atributo da alteração da data" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Politica para avaliar a expiração da senha" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Lista de utilizadores autorizados separados por vírgulas" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Lista de utilizadores não autorizados separados por vírgulas" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Shell pré-definida, /bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Directório base para as pastas pessoais" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "O nome da biblioteca NSS a utilizar" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "Stack PAM a utilizar" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "Tornar-se num serviço (omissão)" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "Executar interactivamente (não como serviço)" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "Especificar um ficheiro de configuração não standard" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "Nível de depuração" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "Adicionar tempos na depuração" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "Um descritor de ficheiro aberto para os registos de depuração" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1598,7 +107,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "Domínio do fornecedor de informação (obrigatório)" @@ -2429,7 +938,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2606,44 +1115,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2852,3 +1361,271 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Definir a verbosidade dos registos de depuração" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Incluir data e hora nos registos de depuração" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Gravar as mensagens de depuração em ficheiros de registo" + +#~ msgid "Command to start service" +#~ msgstr "Comando para iniciar serviço" + +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "Número de vezes para tentar ligação aos Fornecedores de Dados" + +#~ msgid "SSSD Services to start" +#~ msgstr "Serviços SSSD a iniciar" + +#~ msgid "SSSD Domains to start" +#~ msgstr "Domínios SSSD a iniciar" + +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Limite de tempo para mensagens enviadas sobre SBUS" + +#~ msgid "Regex to parse username and domain" +#~ msgstr "Expressão regular para obter nome do utilizar e domínio" + +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "Formato compatível com o printf para apresentar nomes completos" + +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "Validade da cache de enumeração (segundos)" + +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "Validade da actualização da cache em segundo plano (segundos)" + +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "Validade da cache negativa (segundos)" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Utilizadores que o SSSD devem explicitamente ignorar" + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Grupos que o SSSD devem explicitamente ignorar" + +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Devem os utilizadores filtrados aparecer em grupos" + +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "O valor do campo da senha que o fornecedor NSS deve retornar" + +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "Durante quanto tempo devem ser permitidas as caches de sessões entre " +#~ "sessões online (dias)" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "" +#~ "Quantas tentativas falhadas de inicio de sessão são permitidas quando " +#~ "offline" + +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Quanto tempo (minutos) para negar a sessão após " +#~ "offline_failed_login_attempts ter sido atingido" + +#~ msgid "Identity provider" +#~ msgstr "Fornecedor de identidade" + +#~ msgid "Authentication provider" +#~ msgstr "Fornecedor de autenticação" + +#~ msgid "Access control provider" +#~ msgstr "Fornecedor de controle de acesso" + +#~ msgid "Password change provider" +#~ msgstr "Fornecedor de Alteração de Senha" + +#~ msgid "Minimum user ID" +#~ msgstr "ID de utilizador mínimo" + +#~ msgid "Maximum user ID" +#~ msgstr "ID de utilizador máximo" + +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Permitir enumeração de todos os utilizadores/grupos" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "Efectuar cache de credenciais para sessões em modo desligado" + +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Apresentar utilizadores/grupos na forma completa" + +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Validade da cache (segundos)" + +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Restringir ou preferir famílias de endereços especificas quando efectua " +#~ "consultas DNS" + +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Durante quanto tempo devem ser permitidas as caches de sessões entre " +#~ "sessões bem sucedidas (dias)" + +#~ msgid "IPA domain" +#~ msgstr "Domínio IPA" + +#~ msgid "IPA server address" +#~ msgstr "Endereço do servidor IPA" + +#~ msgid "IPA client hostname" +#~ msgstr "Nome da máquina do cliente IPA" + +#~ msgid "Kerberos server address" +#~ msgstr "Endereço do servidor Kerberos" + +#~ msgid "Kerberos realm" +#~ msgstr "Reino Kerberos" + +#~ msgid "Authentication timeout" +#~ msgstr "Tempo de expiração da autenticação" + +#~ msgid "Directory to store credential caches" +#~ msgstr "Directório para armazenar as caches de credenciais" + +#~ msgid "Location of the user's credential cache" +#~ msgstr "Localização da cache de credenciais dos utilizadores" + +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Localização da tabela de chaves (keytab) para validar credenciais" + +#~ msgid "Enable credential validation" +#~ msgstr "Activar validação de credenciais" + +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "" +#~ "Servidor onde está em execução o serviço de alteração de senha, se não " +#~ "coincide com o KDC" + +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, O URI do servidor LDAP" + +#~ msgid "The default base DN" +#~ msgstr "A base DN por omissão" + +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "O tipo de Schema em utilização no servidor LDAP, rfc2307" + +#~ msgid "The default bind DN" +#~ msgstr "O DN por omissão para a ligação" + +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "O tipo de token de autenticação do bind DN por omissão" + +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "O token de autenticação do bind DN por omissão" + +#~ msgid "Length of time to attempt connection" +#~ msgstr "Período de tempo para tentar ligação" + +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Tempo de espera para tentar operações LDAP síncronas" + +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "Tempo de espera entre tentativas para re-conectar quando desligado" + +#~ msgid "File that contains CA certificates" +#~ msgstr "Ficheiro que contêm os certificados CA" + +#~ msgid "Path to CA certificate directory" +#~ msgstr "Caminho para o directório do certificado CA" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "Obriga a verificação de certificados TLS" + +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Especificar mecanismo sasl a utilizar" + +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Especifique o id sasl para utilizar na autorização" + +#~ msgid "Kerberos service keytab" +#~ msgstr "Separador chave do serviço Kerberos" + +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Utilizar autenticação Kerberos para ligações LDAP" + +#~ msgid "Follow LDAP referrals" +#~ msgstr "Seguir os referrals LDAP" + +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Tempo de espera por um pedido de pesquisa" + +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Período de tempo entre enumeração de actualizações" + +#~ msgid "Require TLS for ID lookups" +#~ msgstr "Requer TLS para consultas de ID" + +#~ msgid "Base DN for user lookups" +#~ msgstr "DN base para pesquisa de utilizadores" + +#~ msgid "Scope of user lookups" +#~ msgstr "Âmbito das pesquisas do utilizador" + +#~ msgid "Filter for user lookups" +#~ msgstr "Filtro para as pesquisas do utilizador" + +#~ msgid "Objectclass for users" +#~ msgstr "Objectclass para utilizadores" + +#~ msgid "Username attribute" +#~ msgstr "Atributo do nome do utilizador" + +#~ msgid "UID attribute" +#~ msgstr "Atributo UID" + +#~ msgid "Primary GID attribute" +#~ msgstr "Atributo GID primário" + +#~ msgid "GECOS attribute" +#~ msgstr "Atributo GECOS" + +#~ msgid "Home directory attribute" +#~ msgstr "Atributo da pasta pessoal" + +#~ msgid "Shell attribute" +#~ msgstr "Atributo da Shell" + +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Atributo principal do utilizador (para Kerberos)" + +#~ msgid "Full Name" +#~ msgstr "Nome Completo" + +#~ msgid "memberOf attribute" +#~ msgstr "Atributo memberOf" + +#~ msgid "Modification time attribute" +#~ msgstr "Atributo da alteração da data" + +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Politica para avaliar a expiração da senha" + +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Lista de utilizadores autorizados separados por vírgulas" + +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Lista de utilizadores não autorizados separados por vírgulas" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Shell pré-definida, /bin/bash" + +#~ msgid "Base for home directories" +#~ msgstr "Directório base para as pastas pessoais" + +#~ msgid "The name of the NSS library to use" +#~ msgstr "O nome da biblioteca NSS a utilizar" + +#~ msgid "PAM stack to use" +#~ msgstr "Stack PAM a utilizar" diff --git a/po/pt_BR.po b/po/pt_BR.po index dc03ba6588..644d7ef577 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -3,7 +3,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2015-10-27 08:15+0000\n" "Last-Translator: Marco Aurélio Krause \n" "Language-Team: Portuguese (Brazil)\n" @@ -14,1535 +14,55 @@ msgstr "" "X-Generator: Zanata 4.6.2\n" "Plural-Forms: nplurals=2; plural=(n != 1)\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Definir a verbosidade do log de depuração" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Incluir timestamps em logs de depuração" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "Incluir microssegundos em timestamps em logs de depuração" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Escrever mensagens de depuração para arquivos de log" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Comando para iniciar o serviço" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Serviços SSSD para iniciar" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1582,7 +102,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2395,7 +915,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2572,44 +1092,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2818,3 +1338,21 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Definir a verbosidade do log de depuração" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Incluir timestamps em logs de depuração" + +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "Incluir microssegundos em timestamps em logs de depuração" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Escrever mensagens de depuração para arquivos de log" + +#~ msgid "Command to start service" +#~ msgstr "Comando para iniciar o serviço" + +#~ msgid "SSSD Services to start" +#~ msgstr "Serviços SSSD para iniciar" diff --git a/po/ru.po b/po/ru.po index d8e586b207..88ed5ff1a4 100644 --- a/po/ru.po +++ b/po/ru.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2016-02-23 10:04+0000\n" "Last-Translator: Oleksii Levan \n" "Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/" @@ -22,1561 +22,55 @@ msgstr "" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Установить подробность журнала отладки" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Добавить отметки времени в журнал отладки" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "Указывать микросекунды в отметках времени в журнале отладки" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Записывать отладочные сообщения в файлы журнала" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Команда для запуска службы" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Количество попыток подключения к поставщикам данных" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "Количество файловых дескрипторов, которые может открыть этот процесс" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "Время простоя до автоматического отсоединения клиента" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Запускаемые службы SSSD" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "Запускаемые домены SSSD" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Тайм-аут для сообщений, отправленных через SBUS" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "Регулярное выражение для разбора имени пользователя и домена" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "Printf-совместимый формат для отображения полностью определённых имён" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"Каталог файловой системы, в котором SSSD должен сохранять файлы кеша повтора " -"Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "Домен для имён без указанного компонента домена" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "Пользователь, чьи привилегии будут использоваться" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" -"Все пробелы в именах пользователей и групп будут заменены этим символом" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "Длина тайм-аута кэша перечисления (в секундах)" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "Тайм-аут фонового обновления элемента списка кэша (в секундах)" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "Отрицательная длина тайм-аута кэша (в секундах)" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Пользователи, которых SSSD должен явно игнорировать " - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Группы, которые SSSD должен явно игнорировать " - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Должны ли отфильтрованные пользователи появляться в группах" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "Значение поля пароля, которое должен вернуть поставщик NSS" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" -"Переопределять значение домашнего каталога от поставщика учётных данных этим " -"значением" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" -"Заменять пустое значение домашнего каталога от поставщика учётных данных " -"этим значением" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" -"Переопределять значение командной оболочки от поставщика учётных данных этим " -"значением" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" -"Список командных оболочек, с которыми пользователям разрешён вход в систему" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" -"Список командных оболочек, которые будут ветированы и заменены запасной " -"оболочкой" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" -"Если командная оболочка из центрального каталога разрешена, но не доступна, " -"использовать эту как запасную" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" -"Оболочка, которая будет использоваться, если поставщиком оболочка не указана" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "Насколько долго записи кеша в памяти будут оставаться действительными" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" -"Разрешённый интервал кэшированных входов между интерактивными входами (в " -"днях)" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "Разрешённое количество неудачных попыток неинтерактивного входа" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" -"Временной интервал (в минутах), в течение которого будет запрещён вход после " -"достижения offline_failed_login_attempts" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Поставщик данных для идентификации" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Поставщик данных для проверки подлинности" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Поставщик данных для контроля доступа" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Поставщик операции смены пароля" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Минимальный ID пользователя" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Максимальный ID пользователя" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Включить перечисление всех пользователей/групп" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Кэшировать учётные данные для неинтерактивного входа" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Отображать пользователей/группы в полной форме" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Тайм-аут элемента списка кэша (в секундах)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" -"Ограничивать или предпочитать определённое семейство адресов при выполнении " -"запросов DNS" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" -"Как долго хранить кэшированные элементы списка после последнего успешного " -"входа (в днях)" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "Время ожидания ответа DNS при преобразовании имён серверов (секунд)" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "Доменная часть DNS-запроса поиска служб" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "Интерфейс, адрес которого будет использован для обновления DNS" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA-домен" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "адрес сервера IPA" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "имя узла клиента IPA" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "Если требуется автоматическое обновление записи в" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "Фильтр LDAP для определения прав доступа" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Имя сервера Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Область действия Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Тайм-аут проверки подлинности" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Каталог для хранения кэшей учётных данных" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Расположения кэша учётных данных пользователей" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Расположение keytab-файла для проверки учётных данных" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Включить проверку учётных данных" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" -"При отсутствии соединения сохранить пароль и пройти аутентификацию позже" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "Сервер, на котором запущена служба смены пароля (если не на KDC)" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, URI сервера LDAP " - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "Base DN по умолчанию" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Тип схемы, используемой на LDAP-сервере, rfc2307" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "Bind DN по умолчанию" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "Тип маркера проверки подлинности для bind DN по умолчанию" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "Маркер проверки подлинности для bind DN по умолчанию" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Временной интервал для попытки соединения" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Временной интервал для попытки синхронизации операций LDAP" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" -"Временной интервал между попытками возобновления соединения в автономного " -"режиме" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Файл содержащий сертификаты CA" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Путь к каталогу с сертификатами CA" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Требуется проверка сертификата TLS" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Укажите механизм sasl" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Укажите идентификатор авторизации sasl" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Keytab-файл службы Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Использовать проверку подлинности Kerberos для LDAP-соединения" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Следовать ссылкам LDAP" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "Время жизни TGT для LDAP-соединений" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Временной интервал, в течение которого ожидать поискового запроса" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Временной интервал между обновлениями перечисления" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "Требовать TLS для запросов ID" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "Base DN для поиска" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Глубина поиска" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Фильтр поиска" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Objectclass для пользователей" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Атрибут «username»" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "Атрибут «UID»" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Атрибут «primary GID»" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "Атрибут «GECOS»" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Атрибут домашнего каталога" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Атрибут оболочки" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Атрибут участника-пользователя (для Kerberos)" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Полное имя" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "Атрибут memberOf" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Атрибут времени изменения" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Политика вычисления окончания срока действия пароля" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Разделённый запятыми список разрешённых пользователей" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Разделённый запятыми список запрещённых пользователей" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Оболочка по умолчанию, /bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Место для домашних каталогов" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "Имя используемой библиотеки NSS" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "Используемый стек PAM" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "Запускаться в качестве службы (по умолчанию)" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "Запускаться интерактивно (не службой)" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "Указать файл конфигурации" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "Уровень отладки" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "Добавить отладочные отметки времени" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "Открытый дескриптор файла для журналов отладки" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1616,7 +110,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "Домен поставщика информации (обязательный)" @@ -2446,7 +940,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2623,44 +1117,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2869,3 +1363,365 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Установить подробность журнала отладки" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Добавить отметки времени в журнал отладки" + +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "Указывать микросекунды в отметках времени в журнале отладки" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Записывать отладочные сообщения в файлы журнала" + +#~ msgid "Command to start service" +#~ msgstr "Команда для запуска службы" + +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "Количество попыток подключения к поставщикам данных" + +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "" +#~ "Количество файловых дескрипторов, которые может открыть этот процесс" + +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "Время простоя до автоматического отсоединения клиента" + +#~ msgid "SSSD Services to start" +#~ msgstr "Запускаемые службы SSSD" + +#~ msgid "SSSD Domains to start" +#~ msgstr "Запускаемые домены SSSD" + +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Тайм-аут для сообщений, отправленных через SBUS" + +#~ msgid "Regex to parse username and domain" +#~ msgstr "Регулярное выражение для разбора имени пользователя и домена" + +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "" +#~ "Printf-совместимый формат для отображения полностью определённых имён" + +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "" +#~ "Каталог файловой системы, в котором SSSD должен сохранять файлы кеша " +#~ "повтора Kerberos" + +#~ msgid "Domain to add to names without a domain component." +#~ msgstr "Домен для имён без указанного компонента домена" + +#~ msgid "The user to drop privileges to" +#~ msgstr "Пользователь, чьи привилегии будут использоваться" + +#~ msgid "" +#~ "All spaces in group or user names will be replaced with this character" +#~ msgstr "" +#~ "Все пробелы в именах пользователей и групп будут заменены этим символом" + +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "Длина тайм-аута кэша перечисления (в секундах)" + +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "Тайм-аут фонового обновления элемента списка кэша (в секундах)" + +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "Отрицательная длина тайм-аута кэша (в секундах)" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Пользователи, которых SSSD должен явно игнорировать " + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Группы, которые SSSD должен явно игнорировать " + +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Должны ли отфильтрованные пользователи появляться в группах" + +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "Значение поля пароля, которое должен вернуть поставщик NSS" + +#~ msgid "Override homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Переопределять значение домашнего каталога от поставщика учётных данных " +#~ "этим значением" + +#~ msgid "" +#~ "Substitute empty homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Заменять пустое значение домашнего каталога от поставщика учётных данных " +#~ "этим значением" + +#~ msgid "Override shell value from the identity provider with this value" +#~ msgstr "" +#~ "Переопределять значение командной оболочки от поставщика учётных данных " +#~ "этим значением" + +#~ msgid "The list of shells users are allowed to log in with" +#~ msgstr "" +#~ "Список командных оболочек, с которыми пользователям разрешён вход в " +#~ "систему" + +#~ msgid "" +#~ "The list of shells that will be vetoed, and replaced with the fallback " +#~ "shell" +#~ msgstr "" +#~ "Список командных оболочек, которые будут ветированы и заменены запасной " +#~ "оболочкой" + +#~ msgid "" +#~ "If a shell stored in central directory is allowed but not available, use " +#~ "this fallback" +#~ msgstr "" +#~ "Если командная оболочка из центрального каталога разрешена, но не " +#~ "доступна, использовать эту как запасную" + +#~ msgid "Shell to use if the provider does not list one" +#~ msgstr "" +#~ "Оболочка, которая будет использоваться, если поставщиком оболочка не " +#~ "указана" + +#~ msgid "How long will be in-memory cache records valid" +#~ msgstr "" +#~ "Насколько долго записи кеша в памяти будут оставаться действительными" + +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "Разрешённый интервал кэшированных входов между интерактивными входами (в " +#~ "днях)" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "Разрешённое количество неудачных попыток неинтерактивного входа" + +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Временной интервал (в минутах), в течение которого будет запрещён вход " +#~ "после достижения offline_failed_login_attempts" + +#~ msgid "Identity provider" +#~ msgstr "Поставщик данных для идентификации" + +#~ msgid "Authentication provider" +#~ msgstr "Поставщик данных для проверки подлинности" + +#~ msgid "Access control provider" +#~ msgstr "Поставщик данных для контроля доступа" + +#~ msgid "Password change provider" +#~ msgstr "Поставщик операции смены пароля" + +#~ msgid "Minimum user ID" +#~ msgstr "Минимальный ID пользователя" + +#~ msgid "Maximum user ID" +#~ msgstr "Максимальный ID пользователя" + +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Включить перечисление всех пользователей/групп" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "Кэшировать учётные данные для неинтерактивного входа" + +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Отображать пользователей/группы в полной форме" + +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Тайм-аут элемента списка кэша (в секундах)" + +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Ограничивать или предпочитать определённое семейство адресов при " +#~ "выполнении запросов DNS" + +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Как долго хранить кэшированные элементы списка после последнего успешного " +#~ "входа (в днях)" + +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "Время ожидания ответа DNS при преобразовании имён серверов (секунд)" + +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "Доменная часть DNS-запроса поиска служб" + +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "Интерфейс, адрес которого будет использован для обновления DNS" + +#~ msgid "IPA domain" +#~ msgstr "IPA-домен" + +#~ msgid "IPA server address" +#~ msgstr "адрес сервера IPA" + +#~ msgid "IPA client hostname" +#~ msgstr "имя узла клиента IPA" + +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "Если требуется автоматическое обновление записи в" + +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "Фильтр LDAP для определения прав доступа" + +#~ msgid "Kerberos server address" +#~ msgstr "Имя сервера Kerberos" + +#~ msgid "Kerberos realm" +#~ msgstr "Область действия Kerberos" + +#~ msgid "Authentication timeout" +#~ msgstr "Тайм-аут проверки подлинности" + +#~ msgid "Directory to store credential caches" +#~ msgstr "Каталог для хранения кэшей учётных данных" + +#~ msgid "Location of the user's credential cache" +#~ msgstr "Расположения кэша учётных данных пользователей" + +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Расположение keytab-файла для проверки учётных данных" + +#~ msgid "Enable credential validation" +#~ msgstr "Включить проверку учётных данных" + +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "" +#~ "При отсутствии соединения сохранить пароль и пройти аутентификацию позже" + +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "Сервер, на котором запущена служба смены пароля (если не на KDC)" + +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, URI сервера LDAP " + +#~ msgid "The default base DN" +#~ msgstr "Base DN по умолчанию" + +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Тип схемы, используемой на LDAP-сервере, rfc2307" + +#~ msgid "The default bind DN" +#~ msgstr "Bind DN по умолчанию" + +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "Тип маркера проверки подлинности для bind DN по умолчанию" + +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "Маркер проверки подлинности для bind DN по умолчанию" + +#~ msgid "Length of time to attempt connection" +#~ msgstr "Временной интервал для попытки соединения" + +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Временной интервал для попытки синхронизации операций LDAP" + +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "" +#~ "Временной интервал между попытками возобновления соединения в автономного " +#~ "режиме" + +#~ msgid "File that contains CA certificates" +#~ msgstr "Файл содержащий сертификаты CA" + +#~ msgid "Path to CA certificate directory" +#~ msgstr "Путь к каталогу с сертификатами CA" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "Требуется проверка сертификата TLS" + +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Укажите механизм sasl" + +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Укажите идентификатор авторизации sasl" + +#~ msgid "Kerberos service keytab" +#~ msgstr "Keytab-файл службы Kerberos" + +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Использовать проверку подлинности Kerberos для LDAP-соединения" + +#~ msgid "Follow LDAP referrals" +#~ msgstr "Следовать ссылкам LDAP" + +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "Время жизни TGT для LDAP-соединений" + +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Временной интервал, в течение которого ожидать поискового запроса" + +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Временной интервал между обновлениями перечисления" + +#~ msgid "Require TLS for ID lookups" +#~ msgstr "Требовать TLS для запросов ID" + +#~ msgid "Base DN for user lookups" +#~ msgstr "Base DN для поиска" + +#~ msgid "Scope of user lookups" +#~ msgstr "Глубина поиска" + +#~ msgid "Filter for user lookups" +#~ msgstr "Фильтр поиска" + +#~ msgid "Objectclass for users" +#~ msgstr "Objectclass для пользователей" + +#~ msgid "Username attribute" +#~ msgstr "Атрибут «username»" + +#~ msgid "UID attribute" +#~ msgstr "Атрибут «UID»" + +#~ msgid "Primary GID attribute" +#~ msgstr "Атрибут «primary GID»" + +#~ msgid "GECOS attribute" +#~ msgstr "Атрибут «GECOS»" + +#~ msgid "Home directory attribute" +#~ msgstr "Атрибут домашнего каталога" + +#~ msgid "Shell attribute" +#~ msgstr "Атрибут оболочки" + +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Атрибут участника-пользователя (для Kerberos)" + +#~ msgid "Full Name" +#~ msgstr "Полное имя" + +#~ msgid "memberOf attribute" +#~ msgstr "Атрибут memberOf" + +#~ msgid "Modification time attribute" +#~ msgstr "Атрибут времени изменения" + +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Политика вычисления окончания срока действия пароля" + +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Разделённый запятыми список разрешённых пользователей" + +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Разделённый запятыми список запрещённых пользователей" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Оболочка по умолчанию, /bin/bash" + +#~ msgid "Base for home directories" +#~ msgstr "Место для домашних каталогов" + +#~ msgid "The name of the NSS library to use" +#~ msgstr "Имя используемой библиотеки NSS" + +#~ msgid "PAM stack to use" +#~ msgstr "Используемый стек PAM" diff --git a/po/sssd.pot b/po/sssd.pot index 8c00918821..04a6fb83f0 100644 --- a/po/sssd.pot +++ b/po/sssd.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -17,1535 +17,55 @@ msgstr "" "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1585,7 +105,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2398,7 +918,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2575,44 +1095,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" diff --git a/po/sv.po b/po/sv.po index 646f33eee6..05cdbf9bcd 100644 --- a/po/sv.po +++ b/po/sv.po @@ -7,13 +7,14 @@ # Anders Jonsson , 2018. #zanata # Göran Uddeborg , 2018. #zanata # Göran Uddeborg , 2019. #zanata +# Anders Jonsson , 2020. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" -"PO-Revision-Date: 2019-09-29 04:12+0000\n" -"Last-Translator: Göran Uddeborg \n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" +"PO-Revision-Date: 2020-05-18 07:25+0000\n" +"Last-Translator: Anders Jonsson \n" "Language-Team: Swedish (http://www.transifex.com/projects/p/sssd/language/" "sv/)\n" "Language: sv\n" @@ -23,2950 +24,2604 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Ange pratsamhet för felsökningsloggning" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Inkludera tidsstämplar i felsökningsloggar" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "Inkludera mikrosekunder i tidsstämplar i felsökningsloggar" +#: src/monitor/monitor.c:2371 +msgid "Become a daemon (default)" +msgstr "Bli en demon (standard)" -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Skriv felmeddelanden till loggfiler" +#: src/monitor/monitor.c:2373 +msgid "Run interactive (not a daemon)" +msgstr "Kör interaktivt (inte en demon)" -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "Vakthundstidsgräns före tjänst startas om" +#: src/monitor/monitor.c:2376 +msgid "Disable netlink interface" +msgstr "Avaktivera netlink-gränssnittet" -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Kommando för att starta tjänst" +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 +msgid "Specify a non-default config file" +msgstr "Ange en konfigurationsfil annan än standard" -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Antal gånger att försöka ansluta till dataleverantörer" +#: src/monitor/monitor.c:2380 +msgid "Refresh the configuration database, then exit" +msgstr "Uppdatera konfigurationsdatabasen, avsluta sedan" -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "Antalet fildeskriptorer som får öppnas av denna svarare" +#: src/monitor/monitor.c:2383 +msgid "Similar to --genconf, but only refreshes the given section" +msgstr "Liknande --genconf, men uppdaterar endast den angivna sektionen" -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "Inaktiv tid före en klient automatiskt kopplas ifrån" +#: src/monitor/monitor.c:2386 +msgid "Print version number and exit" +msgstr "Skriv ut versionsnumret och avsluta" -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "Inaktiv tid före den svarande automatiskt stängs av" +#: src/monitor/monitor.c:2532 +msgid "SSSD is already running\n" +msgstr "SSSD kör redan\n" -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "Fråga alltid alla cacharna före dataleverantörerna frågas" +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 +msgid "Debug level" +msgstr "Felsökningsnivå" -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "SSSD-tjänster att starta" +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 +msgid "Add debug timestamps" +msgstr "Lägg till felsökningstidstämplar" -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "SSSD-domäner att starta" +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 +msgid "Show timestamps with microseconds" +msgstr "Visa tidsstämplar med mikrosekunder" -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Tidsgräns för meddelanden skickade via SBUS" +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 +msgid "An open file descriptor for the debug logs" +msgstr "En öppen fildeskriptor för felsökningsloggarna" -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "Reguljäruttryck för att tolka användarnamn och domän" +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 +msgid "Send the debug output to stderr directly." +msgstr "Skicka felsökningsutdata direkt till standard fel." -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "Printf-kompatibla format för att visa fullständigt kvalificerade namn" +#: src/providers/krb5/krb5_child.c:3245 +msgid "The user to create FAST ccache as" +msgstr "Användaren att skapa en FAST-ccache som" -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"Katalog på filsystemet där SSSD skall lagra sparade återspolningsfiler från " -"Kerberos." +#: src/providers/krb5/krb5_child.c:3247 +msgid "The group to create FAST ccache as" +msgstr "Gruppen att skapa en FAST-ccache som" -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "Domän att lägga till till namn utan en domändel." +#: src/providers/krb5/krb5_child.c:3249 +msgid "Kerberos realm to use" +msgstr "Kerberosrike att använda" -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "Användaren att släppa behörigheter till" +#: src/providers/krb5/krb5_child.c:3251 +msgid "Requested lifetime of the ticket" +msgstr "Begärd livslängd på biljetten" -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "Trimma certifikatverifikation" +#: src/providers/krb5/krb5_child.c:3253 +msgid "Requested renewable lifetime of the ticket" +msgstr "Begärd förnybar livslängd på biljetten" -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" -"Alla mellanrum i grupp- eller användarnamn kommer att ersättas med detta " -"tecken" +#: src/providers/krb5/krb5_child.c:3255 +msgid "FAST options ('never', 'try', 'demand')" +msgstr "FAST-flaggor (”never”, ”try”, ”demand”)" -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" -"Trimma sssd till att beakta eller ignorera ändringar av netlink-tillståndet" +#: src/providers/krb5/krb5_child.c:3258 +msgid "Specifies the server principal to use for FAST" +msgstr "Anger serverhuvudmannen att använda för FAST" -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "Aktivera eller avaktivera den implicita fildomänen" +#: src/providers/krb5/krb5_child.c:3260 +msgid "Requests canonicalization of the principal name" +msgstr "Begär kanonisering av huvudmannanamnet" -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "En specifik ordning på domänerna som skall slås upp" +#: src/providers/krb5/krb5_child.c:3262 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "Använd en anpassad version av krb5_get_init_creds_password" -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "Tidsgränslängd för uppräkningscache (sekunder)" +#: src/providers/data_provider_be.c:674 +msgid "Domain of the information provider (mandatory)" +msgstr "Domän för informationsleverantören (obligatoriskt)" -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "Tidsgränslängd för bakgrundsuppdateringar av postcache (sekunder)" +#: src/sss_client/common.c:1079 +msgid "Privileged socket has wrong ownership or permissions." +msgstr "Privilegierat uttag (socket) har fel ägarskap eller rättigheter." -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "Tidsgränslängd för negativ cache (sekunder)" +#: src/sss_client/common.c:1082 +msgid "Public socket has wrong ownership or permissions." +msgstr "Publikt uttag (socket) har fel ägarskap eller rättigheter." -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "Tidsgränslängd för negativ filcache (sekunder)" +#: src/sss_client/common.c:1085 +msgid "Unexpected format of the server credential message." +msgstr "Oväntat format på serverns kreditivmeddelande." -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Användare som SSSD uttryckligen skall bortse ifrån" +#: src/sss_client/common.c:1088 +msgid "SSSD is not run by root." +msgstr "SSSD körs inte av root." -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Grupper som SSSD uttryckligen skall bortse ifrån" +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "SSSD-uttaget finns inte." -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Skall filtrerade användare förekomma i grupper" +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "Kan inte ta status på SSSD-uttaget." -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "Värdet på lösenordsfältet som NSS-leverantörer skall returnera" +#: src/sss_client/common.c:1099 +msgid "An error occurred, but no description can be found." +msgstr "Ett fel uppstod, men ingen beskrivning kan hittas." -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "Åsidosätt hemkatalogvärdet från identitetsleverantören med detta värde" +#: src/sss_client/common.c:1105 +msgid "Unexpected error while looking for an error description" +msgstr "Oväntat fel vid sökning efter ett felmeddelande" -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" -"Ersätt ett tomt hemkatalogvärde från identitetsleverantören med detta värde" +#: src/sss_client/pam_sss.c:68 +msgid "Permission denied. " +msgstr "Åtkomst nekas. " -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "Åsidosätt skalvärdet från identitetsleverantören med detta värde" +#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 +#: src/sss_client/pam_sss.c:790 +msgid "Server message: " +msgstr "Servermeddelande: " -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "Listan på skal användare får lov att logga in med" +#: src/sss_client/pam_sss.c:297 +msgid "Passwords do not match" +msgstr "Lösenorden stämmer inte överens" -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "Listan på skal som kommer förbjudas, och ersättas med standardskalet" +#: src/sss_client/pam_sss.c:485 +msgid "Password reset by root is not supported." +msgstr "Återställning av lösenord av root stöds inte." -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" -"Om ett skal lagrat i en central katalog är tillåtet men inte tillgängligt, " -"använd detta alternativ" +#: src/sss_client/pam_sss.c:526 +msgid "Authenticated with cached credentials" +msgstr "Autentiserad med cachade kreditiv" -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "Skal att använda om leverantören inte listar något" +#: src/sss_client/pam_sss.c:527 +msgid ", your cached password will expire at: " +msgstr ", ditt cache-lösenord kommer gå ut: " -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "Hur länge sparade poster i minnet är giltiga" +#: src/sss_client/pam_sss.c:557 +#, c-format +msgid "Your password has expired. You have %1$d grace login(s) remaining." +msgstr "Ditt lösenord har gått ut. Du har en frist på %1$d inloggningar kvar." -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "Lista över användarattribut NSS-svaranden får publicera" +#: src/sss_client/pam_sss.c:603 +#, c-format +msgid "Your password will expire in %1$d %2$s." +msgstr "Ditt lösenordet kommer gå ut om %1$d %2$s." -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" -"Hur länge sparade inloggningar tillåts mellan online-inloggningar (dagar)" +#: src/sss_client/pam_sss.c:652 +msgid "Authentication is denied until: " +msgstr "Autentisering nekas till: " -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "Hur många misslyckade inloggningsförsök som tillåts i frånkopplat läge" +#: src/sss_client/pam_sss.c:673 +msgid "System is offline, password change not possible" +msgstr "Systemet är frånkopplat, ändring av lösenord är inte möjligt" -#: src/config/SSSDConfig/__init__.py.in:93 +#: src/sss_client/pam_sss.c:688 msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" +"After changing the OTP password, you need to log out and back in order to " +"acquire a ticket" msgstr "" -"Hur länge (minuter) som inloggning nekas efter att " -"frånkopplade_inloggningsförsök har nåtts" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "Vilka slags meddelanden som visas för användaren under autentisering" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "Filtrera PAM-svar skickade till pam_sss" +"Efter att ha ändrat OTP-lösenordet behöver du logga ut och tillbaka in för " +"att få en biljett" -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "Hur många sekunder identitetsinformationen hålls sparad för PAM-frågor" +#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 +msgid "Password change failed. " +msgstr "Lösenordsändringen misslyckades. " -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "Hur många dagar före ett lösenord går ut en varning skall visas" +#: src/sss_client/pam_sss.c:2008 +msgid "New Password: " +msgstr "Nytt lösenord: " -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "Lista över betrodda uid:n eller användarnamn" +#: src/sss_client/pam_sss.c:2009 +msgid "Reenter new Password: " +msgstr "Skriv det nya lösenordet igen: " -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "Lista över domäner tillgängliga även för ej betrodda användare." +#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 +msgid "First Factor: " +msgstr "Första faktorn: " -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "Meddelande som skrivs när ett användarkonto har gått ut." +#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 +msgid "Second Factor (optional): " +msgstr "Andra faktorn (frivillig): " -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "Meddelande som skrivs när ett användarkonto är låst." +#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 +msgid "Second Factor: " +msgstr "Andra faktorn: " -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "Tillåt certifikatbaserad/smartkortsautentisering." +#: src/sss_client/pam_sss.c:2190 +msgid "Password: " +msgstr "Lösenord: " -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "Sökväg till certifikatdatabasen med PKCS#11-moduler." +#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 +msgid "First Factor (Current Password): " +msgstr "Första faktorn (nuvarande lösenord): " -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "Hur många sekunder kommer pam_sss vänta på p11_child att avsluta" +#: src/sss_client/pam_sss.c:2349 +msgid "Current Password: " +msgstr "Nuvarande lösenord: " -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "Vilka PAM-tjänster tillåts att kontakta applikationsdomäner" +#: src/sss_client/pam_sss.c:2704 +msgid "Password expired. Change your password now." +msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu." -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "Tillåtna tjänster för användning av smartkort" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 +#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 +#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 +#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 +#: src/tools/sss_cache.c:719 +msgid "The debug level to run with" +msgstr "Felsökningsnivån att köra med" -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "Ytterligare tidsgräns att vänta på ett kort om begärt" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 +msgid "The SSSD domain to use" +msgstr "SSSD-domäner att använda" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" -"PKCS#11 URI för att begränsa urvalet av enheter för smartkortsautentisering" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 +#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 +#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 +#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 +#: src/tools/sss_cache.c:765 +msgid "Error setting the locale\n" +msgstr "Fel när lokalen sattes\n" -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "Om tidsbaserade attribut i sudo-regler skall beräknas" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 +msgid "Not enough memory\n" +msgstr "Inte tillräckligt med minne\n" -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" -"Om sant kommer SSSD byta tillbaka till ordningslogiken att lägre vinner" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 +msgid "User not specified\n" +msgstr "Ingen användare angiven\n" -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" -"Maximalt antal regler som kan som kan uppdateras samtidigt. Om detta " -"överskrids utförs en fullständig uppdatering." +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 +msgid "Error looking up public keys\n" +msgstr "Fel vid uppslagning av publika nycklar\n" -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" -"Om värdnamn och adresser i known_hosts-filen skall göras till kontrollsummor" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 +msgid "The port to use to connect to the host" +msgstr "Porten att använda för att ansluta till värden" -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" -"Hur många sekunder att behålla en värd i filen known_hosts efter att dess " -"värdnycklar begärdes" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 +msgid "Print the host ssh public keys" +msgstr "Skriv ut värdens publika ssh-nycklar" -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "Sökväg till lagring av betrodda CA-certifikat" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 +msgid "Invalid port\n" +msgstr "Felaktig port\n" -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 +msgid "Host not specified\n" +msgstr "Värden inte angiven\n" -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 +msgid "The path to the proxy command must be absolute\n" +msgstr "Sökvägen till proxy-kommandot måste vara absolut\n" -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "Lista över UID:er eller användarnamn som tillåts komma åt PAC-svararen" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "sss_ssh_knownhostsproxy: Det gick inte att slå upp värdnamnet %s\n" -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "Hur länge PAC-data betraktas som giltiga" +#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 +msgid "The UID of the user" +msgstr "Användarens UID" -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" -"Lista över UID:er eller användarnamn som tillåts komma åt InfoPipe-svararen" +#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 +msgid "The comment string" +msgstr "Kommentarsträngen" -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "Lista över användarattribut InfoPipe får publicera" +#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 +msgid "Home directory" +msgstr "Hemkatalogen" -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "Leverantören där hemligheter kommer lagras i" +#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 +msgid "Login shell" +msgstr "Inloggningsskalet" -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "Det maximala antalet tillåtna nästlade behållare" +#: src/tools/sss_useradd.c:53 +msgid "Groups" +msgstr "Grupper" -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "Det maximala antalet hemligheter som kan lagras" +#: src/tools/sss_useradd.c:54 +msgid "Create user's directory if it does not exist" +msgstr "Skapa användarens katalog om den inte redan finns" -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "Det maximala antalet hemligheter som kan lagras per UID" +#: src/tools/sss_useradd.c:55 +msgid "Never create user's directory, overrides config" +msgstr "Skapa aldrig användarens katalog, åsidosätter konfigurationen" -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "Den maximala laststorleken av hemligheter i kilobyte" +#: src/tools/sss_useradd.c:56 +msgid "Specify an alternative skeleton directory" +msgstr "Ange en alternativ skelettkatalog" -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "URL:en Custodia-servern lyssnar på" +#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 +msgid "The SELinux user for user's login" +msgstr "SELinux-användaren för användarens inloggning" -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "Metoden att använda vid autentisering mot en Custodia-server" +#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 +#: src/tools/sss_usermod.c:92 +msgid "Specify group to add to\n" +msgstr "Ange en grupp att lägga till till\n" -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" -"Namnet på huvudena som kommer läggas till i en HTTP-begäran med värdet " -"definierat i auth_header_value" +#: src/tools/sss_useradd.c:111 +msgid "Specify user to add\n" +msgstr "Ange en användare att lägga till\n" -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "Värdet sssd-hemligheter skulle använda till auth_header_name" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" -"Listan över huvuden att vidarebefordra till Custodia-servern tillsammans med " -"begäran" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" -"Användarnamnet att använda vid autentisering mot en Custodia-server med " -"basic_auth" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" -"Lösenordet att använda vid autentisering mot en Custodia-server med " -"basic_auth" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" -"Om sant verifieras motpartens certifikat om proxy_url använder protokollet " -"https" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" -"Om falskt får motpartens certifikat innehålla ett annat värdnamn än " -"proxy_url när protokollet https används" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "Sökväg till katalogen där certifikatutfärdares certifikat lagras" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "Sökväg till filen som innehåller serverns CA-certifikat" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "Sökväg till filen som innehåller klientens certifikat" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "Sökväg till filen som innehåller klientens privata nyckel" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Identitetsleverantör" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Autentiseringsleverantör" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Leverantör av åtkomstkontroll" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Leverantör av lösenordsändringar" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "SUDO-leverantör" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "Autofs-leverantör" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "Värdidentitetsleverantör" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "SELinux-leverantör" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "Sessionshanteringsleverantör" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "Huruvida domänen är användbar av OS:et eller av program" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Minsta användar-ID" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Största användar-ID" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Aktivera uppräkning av alla användare/grupper" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Cache-kreditiv för frånkopplad inloggning" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Visa användare/grupper i fullständigt kvalificerat format" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "Inkludera inte gruppmedlemmar i gruppuppslagningar" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Tidsgränslängd för postcache (sekunder)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "Begränsa eller föredra en specifik adressfamilj vid DNS-uppslagningar" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" -"Hur länge cachade poster skall behållas efter senaste lyckade inloggning " -"(dagar)" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" -"Hur länge SSSD skall prata med en enskild DNS-server försöker med nästa " -"server (millisekunder)." - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" -"Hur länge SSSD skall fortsätta försöka slå upp en enskild DNS-fråga " -"(sekunder)." - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "Hur länge man väntar på svar från DNS när servrar slås upp (sekunder)" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "Domändelen av DNS-frågan för tjänstedetektering" +#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 +#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 +#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 +#: src/tools/sss_usermod.c:162 +msgid "Error initializing the tools - no local domain\n" +msgstr "Fel vid initiering av verktygen — ingen lokal domän\n" -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "Åsidosätt GID-värdet från identitetsleverantören med detta värde" +#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 +#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 +#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 +#: src/tools/sss_usermod.c:164 +msgid "Error initializing the tools\n" +msgstr "Fel vid initiering av verktygen\n" -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "Behandla användarnamn som skiftlägeskänsliga" +#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 +#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 +#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 +#: src/tools/sss_usermod.c:173 +msgid "Invalid domain specified in FQDN\n" +msgstr "Ogiltig domän angiven i FQDN\n" -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "Hur ofta utgångna poster skall förnyas i bakgrunden" +#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 +#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 +#: src/tools/sss_usermod.c:226 +msgid "Internal error while parsing parameters\n" +msgstr "Internt fel vid tolkning av parametrar\n" -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "Huruvida klienternas DNS-poster uppdateras automatiskt" +#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 +#: src/tools/sss_usermod.c:235 +msgid "Groups must be in the same domain as user\n" +msgstr "Grupper måste finnas i samma domän som användaren\n" -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "TTL:en att använda för klientens DNS-post efter att ha uppdaterat den" +#: src/tools/sss_useradd.c:159 +#, c-format +msgid "Cannot find group %1$s in local domain\n" +msgstr "Hittar inte gruppen %1$s i den lokala domänen\n" -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "Gränssnittet vars IP skall användas för dynamiska DNS-uppdateringar" +#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 +msgid "Cannot set default values\n" +msgstr "Kan inte sätta standardvärden\n" -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "Hur ofta klienternas DNS-poster periodiskt skall uppdateras" +#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 +msgid "The selected UID is outside the allowed range\n" +msgstr "Den valda UID:n är utanför det tillåtna intervallet\n" -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "Huruvida leverantören explicit skall uppdatera PTR-posten också" +#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 +msgid "Cannot set SELinux login context\n" +msgstr "Kan inte sätta SELinux-inloggningskontext\n" -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "Huruvida verktyget nsupdate skall använda TCP som standard" +#: src/tools/sss_useradd.c:224 +msgid "Cannot get info about the user\n" +msgstr "Kan inte få information om användaren\n" -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" +#: src/tools/sss_useradd.c:236 +msgid "User's home directory already exists, not copying data from skeldir\n" msgstr "" -"Vilken sorts autentisering som skall användas för att utföra DNS-" -"uppdateringen" +"Användarens hemkatalog finns redan, kopierar inte data från " +"skelettkatalogen\n" -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "Åsidosätt DNS-servern som används för att utföra DNS-uppdateringen" +#: src/tools/sss_useradd.c:239 +#, c-format +msgid "Cannot create user's home directory: %1$s\n" +msgstr "Kan inte skapa användarens hemkatalog: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "Styr uppräkning av betrodda domäner" +#: src/tools/sss_useradd.c:250 +#, c-format +msgid "Cannot create user's mail spool: %1$s\n" +msgstr "Kan inte skapa användarens brevlåda: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "Hur ofta skall listan över underdomäner uppdateras" +#: src/tools/sss_useradd.c:270 +msgid "Could not allocate ID for the user - domain full?\n" +msgstr "Det gick inte att allokera ID för användaren - full domän?\n" -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "Lista över flaggor som skall ärvas in i en underdomän" +#: src/tools/sss_useradd.c:274 +msgid "A user or group with the same name or ID already exists\n" +msgstr "En användare eller grupp med samma namn eller ID finns redan\n" -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "Standard hemkatalogvärde för underdomäner" +#: src/tools/sss_useradd.c:280 +msgid "Transaction error. Could not add user.\n" +msgstr "Transaktionsfel. Det gick inte att lägga till användaren.\n" -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "Hur länge cachade kreditiv får användas för cachad autentisering" +#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 +msgid "The GID of the group" +msgstr "GID:t för gruppen" -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "Huruvida privata grupper för användare skall skapas automatiskt" +#: src/tools/sss_groupadd.c:76 +msgid "Specify group to add\n" +msgstr "Ange en grupp att lägga till\n" -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA-domän" +#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 +msgid "The selected GID is outside the allowed range\n" +msgstr "Den valda GID:n är utanför det tillåtna intervallet\n" -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "IPA-serveradress" +#: src/tools/sss_groupadd.c:143 +msgid "Could not allocate ID for the group - domain full?\n" +msgstr "Det gick inte att allokera ID för gruppen - full domän?\n" -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "Adress till reserv-IPA-server" +#: src/tools/sss_groupadd.c:147 +msgid "A group with the same name or GID already exists\n" +msgstr "En grupp med samma namn eller GID finns redan\n" -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "IPA-klientvärdnamn" +#: src/tools/sss_groupadd.c:153 +msgid "Transaction error. Could not add group.\n" +msgstr "Transaktionsfel. Det gick inte att lägga till gruppen.\n" -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "Om klientens DNS-post i FreeIPA automatiskt skall uppdateras" +#: src/tools/sss_groupdel.c:70 +msgid "Specify group to delete\n" +msgstr "Ange grupp att ta bort\n" -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "Sökbas för HBAC-relaterade objekt" +#: src/tools/sss_groupdel.c:104 +#, c-format +msgid "Group %1$s is outside the defined ID range for domain\n" +msgstr "Gruppen %1$s är utanför det definierade ID-intervallet för domänen\n" -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "Tidsåtgången mellan uppslagningar av HBAC-reglerna mot IPA-servern" +#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 +#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 +#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 +#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 +#, c-format +msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" +msgstr "" +"NSS-begäran misslyckades (%1$d). Posten kan finnas kvar i en minnes-cache.\n" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/tools/sss_groupdel.c:132 msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" +"No such group in local domain. Removing groups only allowed in local " +"domain.\n" msgstr "" -"Tiden i sekunder mellan uppslagningar av SELinux-mappningar mot IPA-servern" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "Om satt till falskt kommer värdargument givna av PAM ignoreras" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "Platsen för automatmonteraren denna IPA-klient använder" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "Sökbas för objekt som innehåller information om IPA-domänen" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "Sökbas för objekt som innehåller information om ID-intervall" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "Aktivera DNS-sajter - platsbaserad detektering av tjänster" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "Sökbas för vybehållare" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "Objektklass för vybehållare" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "Attribut med namnet på vyn" +"Ingen sådan grupp i den lokala domänen. Att ta bort grupper är endast " +"tillåtet i den lokala domänen.\n" -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "Objektklass för åsidosättande objekt" +#: src/tools/sss_groupdel.c:137 +msgid "Internal error. Could not remove group.\n" +msgstr "Internt fel. Det gick inte att ta bort gruppen.\n" -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "Attribut med referensen till originalobjektet" +#: src/tools/sss_groupmod.c:44 +msgid "Groups to add this group to" +msgstr "Grupper att lägga till denna grupp till" -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "Objektklass för användaråsidosättande objekt" +#: src/tools/sss_groupmod.c:46 +msgid "Groups to remove this group from" +msgstr "Grupper att ta bort denna grupp från" -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "Objektklass för gruppåsidosättande objekt" +#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 +msgid "Specify group to remove from\n" +msgstr "Ange grupp att ta bort ifrån\n" -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "Sökväg för objekt relaterade till skrivbordsprofiler" +#: src/tools/sss_groupmod.c:101 +msgid "Specify group to modify\n" +msgstr "Ange grupp att ändra\n" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/tools/sss_groupmod.c:130 msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" +"Cannot find group in local domain, modifying groups is allowed only in local " +"domain\n" msgstr "" -"Tiden i sekunder mellan uppslagningar av skrivbordsprofilsregler mot IPA-" -"servern" +"Kan inte hitta gruppen i den lokala domänen, att ändra grupper är endast " +"tillåtet i den lokala domänen\n" + +#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 +msgid "Member groups must be in the same domain as parent group\n" +msgstr "Medlemsgrupper måste ligga i samma domän som föräldragrupper\n" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 +#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 +#, c-format msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" +"Cannot find group %1$s in local domain, only groups in local domain are " +"allowed\n" msgstr "" -"Tiden i minuter mellan uppslagningar av skrivbordsprofilsregler mot IPA-" -"servern när den senaste förfrågan inte hittade någon regel" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "Active Directory-domän" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "Aktivera Active Directory-domäner" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "Adress till Active Directory-server" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "Adress till Active Directory-reservserver" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "Active Directory-klientvärdnamn" +"Kan inte hitta grupp %1$s i den lokala domänen, endast grupper i den lokala " +"domänen är tillåtna\n" -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "LDAP-filter för att bestämma åtkomstprivilegier" +#: src/tools/sss_groupmod.c:257 +msgid "Could not modify group - check if member group names are correct\n" +msgstr "" +"Det gick inte att ändra gruppen - kontrollera om medlemsgruppsnamnen är " +"riktiga\n" -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "Huruvida den globala katalogen skall användas för uppslagningar" +#: src/tools/sss_groupmod.c:261 +msgid "Could not modify group - check if groupname is correct\n" +msgstr "" +"Det gick inte att ändra gruppen - kontrollera om gruppnamnet är riktigt\n" -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "Arbetsläge för GPO-baserad åtkomstkontroll" +#: src/tools/sss_groupmod.c:265 +msgid "Transaction error. Could not modify group.\n" +msgstr "Transaktionsfel. Det gick inte att ändra gruppen.\n" -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "Tidsåtgången mellan uppslagningar av GPO-policyfiler mot AD-servern" +#: src/tools/sss_groupshow.c:616 +msgid "Magic Private " +msgstr "Magiskt privat " -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" -"PAM-tjänstenamn som översätts till GPO-policyinställningen " -"(Deny)InteractiveLogonRight" +#: src/tools/sss_groupshow.c:615 +#, c-format +msgid "%1$s%2$sGroup: %3$s\n" +msgstr "%1$s%2$sGrupp: %3$s\n" -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" -"PAM-tjänstenamn som översätts till GPO-policyinställningen " -"(Deny)RemoteInteractiveLogonRight" +#: src/tools/sss_groupshow.c:618 +#, c-format +msgid "%1$sGID number: %2$d\n" +msgstr "%1$sGID-nummer: %2$d\n" -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" -"PAM-tjänstenamn som översätts till GPO-policyinställningen " -"(Deny)NetworkLogonRight" +#: src/tools/sss_groupshow.c:620 +#, c-format +msgid "%1$sMember users: " +msgstr "%1$sMedlemsanvändare: " -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/tools/sss_groupshow.c:627 +#, c-format msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" +"\n" +"%1$sIs a member of: " msgstr "" -"PAM-tjänstenamn som översätts till GPO-policyinställningen " -"(Deny)BatchLogonRight" +"\n" +"%1$sÄr en medlem i: " -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/tools/sss_groupshow.c:634 +#, c-format msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" +"\n" +"%1$sMember groups: " msgstr "" -"PAM-tjänstenamn som översätts till GPO-policyinställningen " -"(Deny)ServiceLogonRight" +"\n" +"%1$sMedlemsgrupper: " -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "PAM-tjänstenamn för vilka GPO-baserad åtkomst alltid tillåts" +#: src/tools/sss_groupshow.c:670 +msgid "Print indirect group members recursively" +msgstr "Skriv ut indirekta gruppmedlemmar rekursivt" -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "PAM-tjänstenamn för vilka GPO-baserad åtkomst alltid nekas" +#: src/tools/sss_groupshow.c:704 +msgid "Specify group to show\n" +msgstr "Ange en grupp att visa\n" -#: src/config/SSSDConfig/__init__.py.in:251 +#: src/tools/sss_groupshow.c:744 msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" +"No such group in local domain. Printing groups only allowed in local " +"domain.\n" msgstr "" -"Standardinloggningsrättigheter (eller permit/deny) att använda för omappade " -"PAM-tjänstenamn" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "en viss sajt att användas av klienten" +"Ingen sådan grupp i den lokala domänen. Att skriva ut grupper är endast " +"tillåtet i den lokala domänen.\n" -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "Maximal ålder i dagar innan maskinkontots lösenord skall förnyas" +#: src/tools/sss_groupshow.c:749 +msgid "Internal error. Could not print group.\n" +msgstr "Internt fel. Det gick inte att skriva ut gruppen.\n" -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "Flagga för att trimma maskinkontots förnyelseuppgift" +#: src/tools/sss_userdel.c:138 +msgid "Remove home directory and mail spool" +msgstr "Ta bort hemkatalog och brevlåda" -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Adress till Kerberosserver" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "Adress till reservserver för Kerberos" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Kerberosrike" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Autentiseringstidsgräns" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "Huruvida kdcinfo-filer skall skapas" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "Var konfigurationssnuttar för krb5 skall läggas" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Katalog att lagra kreditiv-cachar i" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Plats för användarens kreditiv-cache" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Plats för nyckeltabellen för att validera kreditiv" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Aktivera validering av kreditiv" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "Lagra lösenord när ej ansluten för ansluten autentisering senare" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "Förnybar livstid för TGT:n" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "Livstid för TGT:n" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "Tid mellan två kontroller av förnyelse" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "Aktiverar FAST" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "Väljer huvudman att använda för FAST" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "Aktivera kanonisk form av huvudman" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "Aktiverar företagshuvudmän" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "En översättning från användarnamn till Kerberos huvudmansnamn" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "Server där ändringstjänsten för lösenord kör om inte på KDC:n" +#: src/tools/sss_userdel.c:140 +msgid "Do not remove home directory and mail spool" +msgstr "Ta inte bort hemkatalog och brevlåda" -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, URI:n för LDAP-servern" +#: src/tools/sss_userdel.c:142 +msgid "Force removal of files not owned by the user" +msgstr "Framtvinga borttagning av filer som inte ägs av användaren" -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "ldap_backup_uri, URI:n för LDAP-servern" +#: src/tools/sss_userdel.c:144 +msgid "Kill users' processes before removing him" +msgstr "Döda användares processer före de tas bort" -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "Standard bas-DN" +#: src/tools/sss_userdel.c:190 +msgid "Specify user to delete\n" +msgstr "Ange användare att ta bort\n" -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Schematypen som används i LDAP-servern, rfc2307" +#: src/tools/sss_userdel.c:236 +#, c-format +msgid "User %1$s is outside the defined ID range for domain\n" +msgstr "" +"Användaren %1$s är utanför det definierade ID-intervallet för domänen\n" -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "Läge som används för att ändra användares lösenord" +#: src/tools/sss_userdel.c:261 +msgid "Cannot reset SELinux login context\n" +msgstr "Kan inte återställa SELinux-inloggningskontext\n" -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "Standard bindnings-DN" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "Typen på autentiserings-token för standard bindnings-DN" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "Autentiserings-token för standard bindnings-DN" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Tidslängd att försöka ansluta" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Tidslängd att försöka synkrona LDAP-operationer" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "Tidslängd mellan försök att återansluta vid frånkoppling" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "Använd endast versaler för namn på riken" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Fil som innehåller CA-certifikat" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Sökväg till katalogen med CA-certifikat" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "Fil som innehåller klientcertifikatet" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "Fil som innehåller klientnyckeln" +#: src/tools/sss_userdel.c:273 +#, c-format +msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" +msgstr "" +"VARNING: Användaren (uid %1$lu) var fortfarande inloggad när han togs bort.\n" -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "Lista över möjliga chiffersviter" +#: src/tools/sss_userdel.c:278 +msgid "Cannot determine if the user was logged in on this platform" +msgstr "Det går inte att avgöra om användaren var inloggad på denna plattform" -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Kräv TLS-certifikatverifiering" +#: src/tools/sss_userdel.c:283 +msgid "Error while checking if the user was logged in\n" +msgstr "Fel vid kontroll om användaren var inloggad\n" -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Ange sasl-mekanismen att använda" +#: src/tools/sss_userdel.c:290 +#, c-format +msgid "The post-delete command failed: %1$s\n" +msgstr "Kommandot efter borttagandet misslyckades: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Ange sasl-auktorisering-id att använda" +#: src/tools/sss_userdel.c:310 +msgid "Not removing home dir - not owned by user\n" +msgstr "Tar inte bort hemkatalogen - ägs inte av användaren\n" -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "Ange sasl-auktoriseringsrike att använda" +#: src/tools/sss_userdel.c:312 +#, c-format +msgid "Cannot remove homedir: %1$s\n" +msgstr "Kan inte ta bort hemkatalogen: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "Ange minsta SSF för LDAP-sasl-auktorisering" +#: src/tools/sss_userdel.c:326 +msgid "" +"No such user in local domain. Removing users only allowed in local domain.\n" +msgstr "" +"Ingen sådan användare i den lokala domänen. Det går endast att ta bort " +"användare i den lokala domänen.\n" -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Kerberostjänstens nyckeltabell" +#: src/tools/sss_userdel.c:331 +msgid "Internal error. Could not remove user.\n" +msgstr "Internt fel. Det gick inte att ta bort användaren.\n" -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Använd Kerberosautentisering för LDAP-anslutningar" +#: src/tools/sss_usermod.c:49 +msgid "The GID of the user" +msgstr "Användarens GID" -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Följer LDAP-hänvisningar" +#: src/tools/sss_usermod.c:53 +msgid "Groups to add this user to" +msgstr "Grupper att lägga till denna användare till" -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "Livslängd på TGT för LDAP-anslutning" +#: src/tools/sss_usermod.c:54 +msgid "Groups to remove this user from" +msgstr "Grupper att ta bort denna användare ifrån" -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "Hur alias skall derefereras" +#: src/tools/sss_usermod.c:55 +msgid "Lock the account" +msgstr "Lås kontot" -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "Tjänstenamn för uppslagning av DNS-tjänster" +#: src/tools/sss_usermod.c:56 +msgid "Unlock the account" +msgstr "Lås upp kontot" -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "Antalet poster som skall hämtas i en enda LDAP-fråga" +#: src/tools/sss_usermod.c:57 +msgid "Add an attribute/value pair. The format is attrname=value." +msgstr "Lägg till ett attribut/värde-par. Formatet är attrnamn=värde." -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" -"Antalet medlemmar som måste saknas för att orsaka en fullständig dereferering" +#: src/tools/sss_usermod.c:58 +msgid "Delete an attribute/value pair. The format is attrname=value." +msgstr "Ta bort ett attribut/värde-par. Formatet är attrnamn=värde." -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/tools/sss_usermod.c:59 msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" +"Set an attribute to a name/value pair. The format is attrname=value. For " +"multi-valued attributes, the command replaces the values already present" msgstr "" -"Huruvida LDAP-biblioteket skall utföra en omvänd uppslagning för att ta fram " -"värdnamnets kanoniska form under en SASL-bindning" +"Sätt ett attribut till ett namn/värde-par. Formatet är attrnamn=värde. För " +"flervärda attribut ersätter kommandot de värden som redan finns" -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "entryUSN-attribut" +#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 +#: src/tools/sss_usermod.c:135 +msgid "Specify the attribute name/value pair(s)\n" +msgstr "Ange attributets namn/värde-par\n" -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "lastUSN-attribut" +#: src/tools/sss_usermod.c:152 +msgid "Specify user to modify\n" +msgstr "Ange användare att ändra\n" -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" +#: src/tools/sss_usermod.c:180 +msgid "" +"Cannot find user in local domain, modifying users is allowed only in local " +"domain\n" msgstr "" -"Hur länge en anslutning till LDAP-servern skall behållas före den kopplas ner" +"Det gick inte att hitta användaren i den lokala domänen, det går bara att " +"ändra användare i den lokala domänen\n" -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "Avaktivera flödesstyrningen (paging) av LDAP" +#: src/tools/sss_usermod.c:322 +msgid "Could not modify user - check if group names are correct\n" +msgstr "" +"Det gick inte att ändra användaren - kontrollera att gruppnamnen är riktiga\n" -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "Avaktivera Active Directorys intervallhämtande" +#: src/tools/sss_usermod.c:326 +msgid "Could not modify user - user already member of groups?\n" +msgstr "" +"Det gick inte att ändra användaren - är användaren redan medlem i grupper?\n" -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Tidslängd att vänta på en sökbegäran" +#: src/tools/sss_usermod.c:330 +msgid "Transaction error. Could not modify user.\n" +msgstr "Transaktionsfel. Det gick inte att ändra användaren.\n" -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "Tidslängd att vänta på en uppräkningsbegäran" +#: src/tools/sss_cache.c:245 +msgid "No cache object matched the specified search\n" +msgstr "Inga cache-objekt matchade den angivna sökningen\n" -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Tidslängd mellan uppräkningsuppdateringar" +#: src/tools/sss_cache.c:536 +#, c-format +msgid "Couldn't invalidate %1$s\n" +msgstr "Kunde inte invalidera %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "Tidslängd mellan cache-tömningar" +#: src/tools/sss_cache.c:543 +#, c-format +msgid "Couldn't invalidate %1$s %2$s\n" +msgstr "Kunde inte invalidera %1$s %2$s\n" -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "Kräv TLS för ID-uppslagningar" +#: src/tools/sss_cache.c:721 +msgid "Invalidate all cached entries" +msgstr "Invalidera alla cachade poster" -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "Använd ID-översättning av objectSID istället för förhandssatta ID:n" +#: src/tools/sss_cache.c:723 +msgid "Invalidate particular user" +msgstr "Invalidera en viss användare" -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "Bas-DN för användaruppslagningar" +#: src/tools/sss_cache.c:725 +msgid "Invalidate all users" +msgstr "Invalidera alla användare" -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Omfång av användaruppslagningar" +#: src/tools/sss_cache.c:727 +msgid "Invalidate particular group" +msgstr "Invalidera en viss grupp" -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Filter för användaruppslagningar" +#: src/tools/sss_cache.c:729 +msgid "Invalidate all groups" +msgstr "Invalidera alla grupper" -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Objektklass för användare" +#: src/tools/sss_cache.c:731 +msgid "Invalidate particular netgroup" +msgstr "Invalidera en viss nätgrupp" -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Användarnamnsattribut" +#: src/tools/sss_cache.c:733 +msgid "Invalidate all netgroups" +msgstr "Invalidera alla nätgrupper" -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "UID-attribut" +#: src/tools/sss_cache.c:735 +msgid "Invalidate particular service" +msgstr "Invalidera en viss tjänst" -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Primärt GID-attribut" +#: src/tools/sss_cache.c:737 +msgid "Invalidate all services" +msgstr "Invalidera alla tjänster" -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "GECOS-attribut" +#: src/tools/sss_cache.c:740 +msgid "Invalidate particular autofs map" +msgstr "Invalidera en viss autofs-mapp" -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Hemkatalogattribut" +#: src/tools/sss_cache.c:742 +msgid "Invalidate all autofs maps" +msgstr "Invalidera alla autofs-mappar" -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Skalattribut" +#: src/tools/sss_cache.c:746 +msgid "Invalidate particular SSH host" +msgstr "Invalidera en viss SSH-värd" -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "UUID-attribut" +#: src/tools/sss_cache.c:748 +msgid "Invalidate all SSH hosts" +msgstr "Invalidera alla SSH-värdar" -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "objectSID-attribut" +#: src/tools/sss_cache.c:752 +msgid "Invalidate particular sudo rule" +msgstr "Invalidera en viss sudo-regel" -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "Primärt gruppattribut i Active Directory för ID-mappning" +#: src/tools/sss_cache.c:754 +msgid "Invalidate all cached sudo rules" +msgstr "Invalidera alla cachade sudo-regler" -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Användarens huvudmansattribut (för Kerberos)" +#: src/tools/sss_cache.c:757 +msgid "Only invalidate entries from a particular domain" +msgstr "Invalidera endast poster från en viss domän" -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Fullständigt namn" +#: src/tools/sss_cache.c:811 +msgid "" +"Unexpected argument(s) provided, options that invalidate a single object " +"only accept a single provided argument.\n" +msgstr "" +"Oväntat argument angivet, flaggor som invaliderar ett ensamt objekt tar bara " +"ett ensamt angivet argument.\n" -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "medlemAv-attribut" +#: src/tools/sss_cache.c:821 +msgid "Please select at least one object to invalidate\n" +msgstr "Välj åtminstone ett objekt att invalidera\n" -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Modifieringstidsattribut" +#: src/tools/sss_cache.c:904 +#, c-format +msgid "" +"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " +"use fully qualified name instead of --domain/-d parameter.\n" +msgstr "" +"Kunde inte öppna domänen %1$s. Om domänen är en underdomän (betrodd domän), " +"använd fullt kvalificerat namn istället för parametrarna --domain/-d.\n" -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "attributet shadowLastChange" +#: src/tools/sss_cache.c:909 +msgid "Could not open available domains\n" +msgstr "Kunde inte öppna tillgängliga domäner\n" -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "shadowMin-attribut" +#: src/tools/tools_util.c:202 +#, c-format +msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" +msgstr "" +"Namnet ”%1$s” verkar inte vara ett fullt kvalificerad domännamn (”%2$s = " +"TRUE” är satt)\n" -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "shadowMax-attribut" +#: src/tools/tools_util.c:309 +msgid "Out of memory\n" +msgstr "Slut på minne\n" -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "shadowWarning-attribut" +#: src/tools/tools_util.h:40 +#, c-format +msgid "%1$s must be run as root\n" +msgstr "%1$s måste köras som root\n" -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "shadowInactive-attribut" +#: src/tools/sssctl/sssctl.c:35 +msgid "yes" +msgstr "ja" -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "shadowExpire-attribut" +#: src/tools/sssctl/sssctl.c:37 +msgid "no" +msgstr "nej" -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "shadowFlag-attribut" +#: src/tools/sssctl/sssctl.c:39 +msgid "error" +msgstr "fel" -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "Attribut för listning av auktoriserade PAM-tjänster" +#: src/tools/sssctl/sssctl.c:42 +msgid "Invalid result." +msgstr "Felaktigt resultat." -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "Attribut för listning av auktoriserade servervärdar" +#: src/tools/sssctl/sssctl.c:78 +msgid "Unable to read user input\n" +msgstr "Kan inte läsa användarens indata\n" -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "Attribut för listning av auktoriserade server-rhosts" +#: src/tools/sssctl/sssctl.c:91 +#, c-format +msgid "Invalid input, please provide either '%s' or '%s'.\n" +msgstr "Felaktig indata, ange antingen ”%s” eller ”%s”.\n" -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "attributet krbLastPwdChange" +#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 +msgid "Error while executing external command\n" +msgstr "Fel när externt kommando kördes\n" -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "krbPasswordExpiration-attribut" +#: src/tools/sssctl/sssctl.c:156 +msgid "SSSD needs to be running. Start SSSD now?" +msgstr "SSSD behöver köras. Starta SSSD nu?" -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "Attribut som indikerar att serversidans lösenordspolicyer är aktiva" +#: src/tools/sssctl/sssctl.c:195 +msgid "SSSD must not be running. Stop SSSD now?" +msgstr "SSSD får inte köra. Stoppa SSSD nu?" -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "AD:s attribut accountExpires" +#: src/tools/sssctl/sssctl.c:231 +msgid "SSSD needs to be restarted. Restart SSSD now?" +msgstr "SSSD behöver startas om. Starta om SSSD nu?" -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "AD:s attribut userAccountControl" +#: src/tools/sssctl/sssctl_cache.c:31 +#, c-format +msgid " %s is not present in cache.\n" +msgstr " %s finns inte i cachen.\n" -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "attributet nsAccountLock" +#: src/tools/sssctl/sssctl_cache.c:33 +msgid "Name" +msgstr "Namn" -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "NDS attribut loginDisabled" +#: src/tools/sssctl/sssctl_cache.c:34 +msgid "Cache entry creation date" +msgstr "Datum då cache-posten skapades" -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "NDS attribut loginExpirationTime" +#: src/tools/sssctl/sssctl_cache.c:35 +msgid "Cache entry last update time" +msgstr "Tidpunkt då cache-posten senast uppdaterades" -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "NDS attribut loginAllowedTimeMap" +#: src/tools/sssctl/sssctl_cache.c:36 +msgid "Cache entry expiration time" +msgstr "Tidpunkt då cache-posten går ut" -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "Attribut för publik SSH-nyckel" +#: src/tools/sssctl/sssctl_cache.c:37 +msgid "Cached in InfoPipe" +msgstr "Cachad i InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "attribut för listning av tillåtna autentiseringstyper för en användare" +#: src/tools/sssctl/sssctl_cache.c:522 +#, c-format +msgid "Error: Unable to get object [%d]: %s\n" +msgstr "Fel: kan inte hämta objektet [%d]: %s\n" -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "attribut som innehåller användarens X509-certifikat" +#: src/tools/sssctl/sssctl_cache.c:538 +#, c-format +msgid "%s: Unable to read value [%d]: %s\n" +msgstr "%s: Kan inte läsa värdet [%d]: %s\n" -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "attribut som innehåller e-postadresser till användaren" +#: src/tools/sssctl/sssctl_cache.c:566 +msgid "Specify name." +msgstr "Ange namn." -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "En lista över extra attribut att hämta tillsammans med användarposten" +#: src/tools/sssctl/sssctl_cache.c:576 +#, c-format +msgid "Unable to parse name %s.\n" +msgstr "Kan inte tolka namnet %s.\n" -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "Bas-DN för gruppuppslagningar" +#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 +msgid "Search by SID" +msgstr "Sök via SID" -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "Objektklass för grupper" +#: src/tools/sssctl/sssctl_cache.c:603 +msgid "Search by user ID" +msgstr "Sök via användar-ID" -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Gruppnamn" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Grupplösenord" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "GID-attribut" +#: src/tools/sssctl/sssctl_cache.c:612 +msgid "Initgroups expiration time" +msgstr "Init-gruppers utgångstid" -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "Gruppmedlemsattribut" +#: src/tools/sssctl/sssctl_cache.c:650 +msgid "Search by group ID" +msgstr "Sök via grupp-ID" -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "Grupp-UUID-attribut" +#: src/tools/sssctl/sssctl_config.c:70 +#, c-format +msgid "Failed to open %s\n" +msgstr "Misslyckades med att öppna %s\n" -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "Modifieringstidsattribut för grupper" +#: src/tools/sssctl/sssctl_config.c:75 +#, c-format +msgid "File %1$s does not exist.\n" +msgstr "Filen %1$s finns inte.\n" -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "Typen av grupp och andra flaggor" +#: src/tools/sssctl/sssctl_config.c:79 +msgid "" +"File ownership and permissions check failed. Expected root:root and 0600.\n" +msgstr "" +"Kontrollen av filens ägarskap och rättigheter misslyckades. root:root och " +"0600 förväntades.\n" -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "LDAP-gruppens externa medlemsattribut" +#: src/tools/sssctl/sssctl_config.c:85 +#, c-format +msgid "Failed to load configuration from %s.\n" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "Maximal nästlingsnivå SSSD kommer följa" +#: src/tools/sssctl/sssctl_config.c:91 +msgid "Error while reading configuration directory.\n" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "Bas-DN för nätgruppuppslagningar" +#: src/tools/sssctl/sssctl_config.c:99 +msgid "" +"There is no configuration. SSSD will use default configuration with files " +"provider.\n" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "Objektklass för nätgrupper" +#: src/tools/sssctl/sssctl_config.c:111 +msgid "Failed to run validators" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "Nätgruppnamn" +#: src/tools/sssctl/sssctl_config.c:115 +#, c-format +msgid "Issues identified by validators: %zu\n" +msgstr "Problem identifierade av validerare: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "Attribut på nätgruppmedlemmar" +#: src/tools/sssctl/sssctl_config.c:126 +#, c-format +msgid "Messages generated during configuration merging: %zu\n" +msgstr "Meddelanden genererade under sammanslagning av konfigurationen: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "Attribut på nätgruppstripplar" +#: src/tools/sssctl/sssctl_config.c:137 +#, c-format +msgid "Used configuration snippet files: %zu\n" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "Modifieringstidsattribut för nätgrupper" +#: src/tools/sssctl/sssctl_data.c:89 +#, c-format +msgid "Unable to create backup directory [%d]: %s" +msgstr "Kan inte skapa en katalog för säkerhetskopia [%d]: %s" -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "Bas-DN för tjänsteuppslagningar" +#: src/tools/sssctl/sssctl_data.c:95 +msgid "SSSD backup of local data already exists, override?" +msgstr "En SSSD-säkerhetskopia av lokala data finns redan, åsidosätt?" -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "Objektklass för tjänster" +#: src/tools/sssctl/sssctl_data.c:111 +msgid "Unable to export user overrides\n" +msgstr "Kan inte exportera användaråsidosättanden\n" -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "Tjänstenamnsattribut" +#: src/tools/sssctl/sssctl_data.c:118 +msgid "Unable to export group overrides\n" +msgstr "Kan inte exportera gruppåsidosättanden\n" -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "Tjänsteportsattribut" +#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 +msgid "Override existing backup" +msgstr "Åsidosätt befintlig säkerhetskopia" -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "Tjänsteprotokollsattribut" +#: src/tools/sssctl/sssctl_data.c:164 +msgid "Unable to import user overrides\n" +msgstr "Kan inte importera användaråsidosättanden\n" -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "Undre gräns för ID-mappning" +#: src/tools/sssctl/sssctl_data.c:173 +msgid "Unable to import group overrides\n" +msgstr "Kan inte importera gruppåsidosättanden\n" -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "Övre gräns för ID-mappning" +#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 +#: src/tools/sssctl/sssctl_domains.c:328 +msgid "Start SSSD if it is not running" +msgstr "Starta SSSD om den inte kör" -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "Antal ID:n till varje skiva vid ID-mappning" +#: src/tools/sssctl/sssctl_data.c:195 +msgid "Restart SSSD after data import" +msgstr "Starta om SSSD efter import av data" -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "Använd en autorid-kompatibel algoritm för ID-mappning" +#: src/tools/sssctl/sssctl_data.c:218 +msgid "Create clean cache files and import local data" +msgstr "Skapa rena cachefiler och importera lokala data" -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "Standarddomänens namn för ID-mappning" +#: src/tools/sssctl/sssctl_data.c:219 +msgid "Stop SSSD before removing the cache" +msgstr "Stoppa SSSD före cachen tas bort" -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "Standarddomänens SID för ID-mappning" +#: src/tools/sssctl/sssctl_data.c:220 +msgid "Start SSSD when the cache is removed" +msgstr "Starta SSSD när cachen är borttagen" -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "Antal sekundära skivor" +#: src/tools/sssctl/sssctl_data.c:235 +msgid "Creating backup of local data...\n" +msgstr "Skapa säkerhetskopia av lokala data …\n" -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "Huruvida Token-Groups skall användas" +#: src/tools/sssctl/sssctl_data.c:238 +msgid "Unable to create backup of local data, can not remove the cache.\n" +msgstr "" +"Kan inte skapa säkerhetskopia av lokala data, kan inte ta bort cachen.\n" -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "Sätt undre gräns för tillåtna ID:n från LDAP-servern" +#: src/tools/sssctl/sssctl_data.c:243 +msgid "Removing cache files...\n" +msgstr "Tar bort cache-filer …\n" -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "Sätt övre gräns för tillåtna ID:n från LDAP-servern" +#: src/tools/sssctl/sssctl_data.c:246 +msgid "Unable to remove cache files\n" +msgstr "Kan inte ta bort cache-filer\n" -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "DN för ppolicy-frågor" +#: src/tools/sssctl/sssctl_data.c:251 +msgid "Restoring local data...\n" +msgstr "Återställer lokala data …\n" -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "Hur många poster att maximalt hämta i en joker-begäran" +#: src/tools/sssctl/sssctl_domains.c:83 +msgid "Show domain list including primary or trusted domain type" +msgstr "Visa domänlistan inklusive primär eller betrodd domäntyp" -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Policy för att utvärdera utgång av lösenord" +#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 +#: src/tools/sssctl/sssctl_user_checks.c:95 +msgid "Unable to connect to system bus!\n" +msgstr "Det går inte att ansluta till systembussen!\n" -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "Vilka attribut skall användas för att avgöra om ett konto gått ut" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Online" +msgstr "Uppkopplad" -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "Vilka regler skall användas för att avgöra åtkomstkontroll" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Offline" +msgstr "Frånkopplad" -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "URI till en LDAP-server där lösenordsändringar är tillåtna" +#: src/tools/sssctl/sssctl_domains.c:167 +#, c-format +msgid "Online status: %s\n" +msgstr "Uppkopplingsstatus: %s\n" -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "URI till en reserv-LDAP-server där lösenordsändringar är tillåtna" +#: src/tools/sssctl/sssctl_domains.c:213 +msgid "This domain has no active servers.\n" +msgstr "Denna domän har inga aktiva servrar.\n" -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "DNS-tjänstenamn för LDAP-lösenordsändringsservern" +#: src/tools/sssctl/sssctl_domains.c:218 +msgid "Active servers:\n" +msgstr "Aktiva servrar:\n" -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" -"Huruvida attributet ldap_user_shadow_last_change skall uppdateras efter en " -"ändring av lösenord" +#: src/tools/sssctl/sssctl_domains.c:230 +msgid "not connected" +msgstr "inte ansluten" -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "Bas-DN för regeluppslagningar" +#: src/tools/sssctl/sssctl_domains.c:267 +msgid "No servers discovered.\n" +msgstr "Inga servrar upptäcktes.\n" -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "Intervall mellan automatisk fullständig omläsning" +#: src/tools/sssctl/sssctl_domains.c:273 +#, c-format +msgid "Discovered %s servers:\n" +msgstr "Upptäckte %s servrar:\n" -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "Intervall mellan automatisk smart omläsning" +#: src/tools/sssctl/sssctl_domains.c:285 +msgid "None so far.\n" +msgstr "Ingen än så länge.\n" -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" -"Huruvida regler skall filtreras efter värdnamn, IP-adresser och nätverk" +#: src/tools/sssctl/sssctl_domains.c:325 +msgid "Show online status" +msgstr "Visa uppkopplingsstatus" -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" -"Värdnamn och/eller fullständigt kvalificerade domännamn på denna maskin för " -"att filtrera sudo-regler" +#: src/tools/sssctl/sssctl_domains.c:326 +msgid "Show information about active server" +msgstr "Visa information om aktiv server" -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" -"IPv4- eller IPv6-adresser eller -nätverk för denna maskin för att filtrera " -"sudo-regler" +#: src/tools/sssctl/sssctl_domains.c:327 +msgid "Show list of discovered servers" +msgstr "Visa lista över upptäckta servrar" -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" -"Huruvida regler som innehåller nätgrupper i värdattribut skall inkluderas" +#: src/tools/sssctl/sssctl_domains.c:333 +msgid "Specify domain name." +msgstr "Ange domännamn." -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" -"Huruvida regler som innehåller reguljära uttryck i värdattribut skall " -"inkluderas" +#: src/tools/sssctl/sssctl_domains.c:355 +msgid "Out of memory!\n" +msgstr "Slut på minne!\n" -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "Objektklass för sudo-regler" +#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 +msgid "Unable to get online status\n" +msgstr "Kan inte ta reda på uppkopplingsstatus\n" -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" +#: src/tools/sssctl/sssctl_domains.c:395 +msgid "Unable to get server list\n" +msgstr "Kan inte ta reda på serverlistan\n" -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "Sudo-regelnamn" +#: src/tools/sssctl/sssctl_logs.c:46 +msgid "\n" +msgstr "\n" -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "Attribut för sudo-regelkommandon" +#: src/tools/sssctl/sssctl_logs.c:236 +msgid "Delete log files instead of truncating" +msgstr "Radera loggfiler istället för att hugga av" -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "Attribut för sudo-regelvärd" +#: src/tools/sssctl/sssctl_logs.c:247 +msgid "Deleting log files...\n" +msgstr "Raderar loggfiler …\n" -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "Attribut för sudo-regelanvändare" +#: src/tools/sssctl/sssctl_logs.c:250 +msgid "Unable to remove log files\n" +msgstr "Kan inte ta bort loggfiler\n" -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "Attribut för sudo-regelflaggor" +#: src/tools/sssctl/sssctl_logs.c:256 +msgid "Truncating log files...\n" +msgstr "Hugger av loggfiler …\n" -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "Sudo-regel-runas-attribut" +#: src/tools/sssctl/sssctl_logs.c:259 +msgid "Unable to truncate log files\n" +msgstr "Kan inte hugga av loggfiler\n" -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "Attribut för sudo-runasuser" +#: src/tools/sssctl/sssctl_logs.c:285 +msgid "Out of memory!" +msgstr "Slut på minne!" -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "Attribut på runasgroup i sudo-regel" +#: src/tools/sssctl/sssctl_logs.c:288 +#, c-format +msgid "Archiving log files into %s...\n" +msgstr "Arkiverar loggfiler in i %s …\n" -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "Attribut för sudo-notbefore-regler" +#: src/tools/sssctl/sssctl_logs.c:291 +msgid "Unable to archive log files\n" +msgstr "Kan inte arkivera loggfiler\n" -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "Attribut för sudo-notafter-regler" +#: src/tools/sssctl/sssctl_logs.c:316 +msgid "Specify debug level you want to set" +msgstr "Ange felsökningsnivå du vill sätta" -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "Attribut för sudo-order-regler" +#: src/tools/sssctl/sssctl_user_checks.c:117 +msgid "SSSD InfoPipe user lookup result:\n" +msgstr "Resultat av SSSD InfoPipe-användaruppslagning:\n" -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "Objektklass för avbildningar för automatmonterare" +#: src/tools/sssctl/sssctl_user_checks.c:167 +#, c-format +msgid "dlopen failed with [%s].\n" +msgstr "dlopen misslyckades med [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "Attribut för namn i avbildningar för automatmonterare" +#: src/tools/sssctl/sssctl_user_checks.c:174 +#, c-format +msgid "dlsym failed with [%s].\n" +msgstr "dlsym misslyckades med [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "Objektklass för poster i avbildningar för automatmonterare" +#: src/tools/sssctl/sssctl_user_checks.c:182 +msgid "malloc failed.\n" +msgstr "malloc misslyckades.\n" -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "Attribut för postnycklar i avbildningar för automatmonterare" +#: src/tools/sssctl/sssctl_user_checks.c:189 +#, c-format +msgid "sss_getpwnam_r failed with [%d].\n" +msgstr "sss_getpwnam_r misslyckades med [%d].\n" -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "Attribut på postvärde i avbildning för automatmonteraren" +#: src/tools/sssctl/sssctl_user_checks.c:194 +msgid "SSSD nss user lookup result:\n" +msgstr "Resultat av SSSD nss-användaruppslagning:\n" -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "Bas-DN för uppslagningar i avbildningar för automatmonterare" +#: src/tools/sssctl/sssctl_user_checks.c:195 +#, c-format +msgid " - user name: %s\n" +msgstr " - användarnamn: %s\n" -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Kommaseparerad lista över tillåtna användare" +#: src/tools/sssctl/sssctl_user_checks.c:196 +#, c-format +msgid " - user id: %d\n" +msgstr " - användar-id: %d\n" -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Kommaseparerad lista över förbjudna användare" +#: src/tools/sssctl/sssctl_user_checks.c:197 +#, c-format +msgid " - group id: %d\n" +msgstr " - grupp-id: %d\n" -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Standardskal, /bin/bash" +#: src/tools/sssctl/sssctl_user_checks.c:198 +#, c-format +msgid " - gecos: %s\n" +msgstr " - gecos: %s\n" -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Bas för hemkataloger" +#: src/tools/sssctl/sssctl_user_checks.c:199 +#, c-format +msgid " - home directory: %s\n" +msgstr " - hemkatalog: %s\n" -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "Antal ombudsbarn före grening" +#: src/tools/sssctl/sssctl_user_checks.c:200 +#, c-format +msgid "" +" - shell: %s\n" +"\n" +msgstr "" +" - skal: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "Namnet på NSS-biblioteket att använda" +#: src/tools/sssctl/sssctl_user_checks.c:232 +msgid "PAM action [auth|acct|setc|chau|open|clos], default: " +msgstr "PAM-åtgärd [auth|acct|setc|chau|open|clos], standard: " -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "Huruvida kanoniska gruppnamn skall slås upp från cachen om möjligt" +#: src/tools/sssctl/sssctl_user_checks.c:235 +msgid "PAM service, default: " +msgstr "PAM-tjänst, standard: " -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "PAM-stack att använda" +#: src/tools/sssctl/sssctl_user_checks.c:240 +msgid "Specify user name." +msgstr "Ange användarnamn." -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "Sökväg till lösenordsfilkällor." +#: src/tools/sssctl/sssctl_user_checks.c:247 +#, c-format +msgid "" +"user: %s\n" +"action: %s\n" +"service: %s\n" +"\n" +msgstr "" +"användare: %s\n" +"åtgärd: %s\n" +"tjänst: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "Sökväg till gruppfilkällor." +#: src/tools/sssctl/sssctl_user_checks.c:252 +#, c-format +msgid "User name lookup with [%s] failed.\n" +msgstr "Användarnamnsuppslagning med [%s] misslyckades.\n" -#: src/monitor/monitor.c:2355 -msgid "Become a daemon (default)" -msgstr "Bli en demon (standard)" +#: src/tools/sssctl/sssctl_user_checks.c:257 +#, c-format +msgid "InfoPipe User lookup with [%s] failed.\n" +msgstr "InfoPipe-användaruppslagning med [%s] misslyckades.\n" -#: src/monitor/monitor.c:2357 -msgid "Run interactive (not a daemon)" -msgstr "Kör interaktivt (inte en demon)" +#: src/tools/sssctl/sssctl_user_checks.c:263 +#, c-format +msgid "pam_start failed: %s\n" +msgstr "pam_start misslyckades: %s\n" -#: src/monitor/monitor.c:2360 -msgid "Disable netlink interface" -msgstr "Avaktivera netlink-gränssnittet" +#: src/tools/sssctl/sssctl_user_checks.c:268 +msgid "" +"testing pam_authenticate\n" +"\n" +msgstr "" +"testar pam_authenticate\n" +"\n" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 -msgid "Specify a non-default config file" -msgstr "Ange en konfigurationsfil annan än standard" +#: src/tools/sssctl/sssctl_user_checks.c:272 +#, c-format +msgid "pam_get_item failed: %s\n" +msgstr "pam_get_item misslyckades: %s\n" -#: src/monitor/monitor.c:2364 -msgid "Refresh the configuration database, then exit" -msgstr "Uppdatera konfigurationsdatabasen, avsluta sedan" +#: src/tools/sssctl/sssctl_user_checks.c:275 +#, c-format +msgid "" +"pam_authenticate for user [%s]: %s\n" +"\n" +msgstr "" +"pam_authenticate för användaren [%s]: %s\n" +"\n" -#: src/monitor/monitor.c:2367 -msgid "Similar to --genconf, but only refreshes the given section" -msgstr "Liknande --genconf, men uppdaterar endast den angivna sektionen" +#: src/tools/sssctl/sssctl_user_checks.c:278 +msgid "" +"testing pam_chauthtok\n" +"\n" +msgstr "" +"testar pam_chauthtok\n" +"\n" -#: src/monitor/monitor.c:2370 -msgid "Print version number and exit" -msgstr "Skriv ut versionsnumret och avsluta" +#: src/tools/sssctl/sssctl_user_checks.c:280 +#, c-format +msgid "" +"pam_chauthtok: %s\n" +"\n" +msgstr "" +"pam_chauthtok: %s\n" +"\n" -#: src/monitor/monitor.c:2514 -msgid "SSSD is already running\n" -msgstr "SSSD kör redan\n" +#: src/tools/sssctl/sssctl_user_checks.c:282 +msgid "" +"testing pam_acct_mgmt\n" +"\n" +msgstr "" +"testar pam_acct_mgmt\n" +"\n" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 -msgid "Debug level" -msgstr "Felsökningsnivå" +#: src/tools/sssctl/sssctl_user_checks.c:284 +#, c-format +msgid "" +"pam_acct_mgmt: %s\n" +"\n" +msgstr "" +"pam_acct_mgmt: %s\n" +"\n" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 -msgid "Add debug timestamps" -msgstr "Lägg till felsökningstidstämplar" +#: src/tools/sssctl/sssctl_user_checks.c:286 +msgid "" +"testing pam_setcred\n" +"\n" +msgstr "" +"testar pam_setcred\n" +"\n" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 -msgid "Show timestamps with microseconds" -msgstr "Visa tidsstämplar med mikrosekunder" +#: src/tools/sssctl/sssctl_user_checks.c:288 +#, c-format +msgid "" +"pam_setcred: [%s]\n" +"\n" +msgstr "" +"pam_setcred: [%s]\n" +"\n" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 -msgid "An open file descriptor for the debug logs" -msgstr "En öppen fildeskriptor för felsökningsloggarna" +#: src/tools/sssctl/sssctl_user_checks.c:290 +msgid "" +"testing pam_open_session\n" +"\n" +msgstr "" +"testar pam_open_session\n" +"\n" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 -msgid "Send the debug output to stderr directly." -msgstr "Skicka felsökningsutdata direkt till standard fel." +#: src/tools/sssctl/sssctl_user_checks.c:292 +#, c-format +msgid "" +"pam_open_session: %s\n" +"\n" +msgstr "" +"pam_open_session: %s\n" +"\n" -#: src/providers/krb5/krb5_child.c:3245 -msgid "The user to create FAST ccache as" -msgstr "Användaren att skapa en FAST-ccache som" +#: src/tools/sssctl/sssctl_user_checks.c:294 +msgid "" +"testing pam_close_session\n" +"\n" +msgstr "" +"testar pam_close_session\n" +"\n" -#: src/providers/krb5/krb5_child.c:3247 -msgid "The group to create FAST ccache as" -msgstr "Gruppen att skapa en FAST-ccache som" +#: src/tools/sssctl/sssctl_user_checks.c:296 +#, c-format +msgid "" +"pam_close_session: %s\n" +"\n" +msgstr "" +"pam_close_session: %s\n" +"\n" -#: src/providers/krb5/krb5_child.c:3249 -msgid "Kerberos realm to use" -msgstr "Kerberosrike att använda" +#: src/tools/sssctl/sssctl_user_checks.c:298 +msgid "unknown action\n" +msgstr "okänd åtgärd\n" -#: src/providers/krb5/krb5_child.c:3251 -msgid "Requested lifetime of the ticket" -msgstr "Begärd livslängd på biljetten" +#: src/tools/sssctl/sssctl_user_checks.c:301 +msgid "PAM Environment:\n" +msgstr "PAM-miljö:\n" -#: src/providers/krb5/krb5_child.c:3253 -msgid "Requested renewable lifetime of the ticket" -msgstr "Begärd förnybar livslängd på biljetten" +#: src/tools/sssctl/sssctl_user_checks.c:309 +msgid " - no env -\n" +msgstr " - ingen miljö -\n" -#: src/providers/krb5/krb5_child.c:3255 -msgid "FAST options ('never', 'try', 'demand')" -msgstr "FAST-flaggor (”never”, ”try”, ”demand”)" +#: src/util/util.h:82 +msgid "The user ID to run the server as" +msgstr "Användar-ID:t att köra servern som" -#: src/providers/krb5/krb5_child.c:3258 -msgid "Specifies the server principal to use for FAST" -msgstr "Anger serverhuvudmannen att använda för FAST" +#: src/util/util.h:84 +msgid "The group ID to run the server as" +msgstr "Grupp-ID:t att köra servern som" -#: src/providers/krb5/krb5_child.c:3260 -msgid "Requests canonicalization of the principal name" -msgstr "Begär kanonisering av huvudmannanamnet" +#: src/util/util.h:92 +msgid "Informs that the responder has been socket-activated" +msgstr "Informerar att respondenten har blivit uttagsaktiverad" -#: src/providers/krb5/krb5_child.c:3262 -msgid "Use custom version of krb5_get_init_creds_password" -msgstr "Använd en anpassad version av krb5_get_init_creds_password" +#: src/util/util.h:94 +msgid "Informs that the responder has been dbus-activated" +msgstr "Informerar att respondenten har blivit dbus-aktiverad" -#: src/providers/data_provider_be.c:711 -msgid "Domain of the information provider (mandatory)" -msgstr "Domän för informationsleverantören (obligatoriskt)" +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Ange pratsamhet för felsökningsloggning" -#: src/sss_client/common.c:1079 -msgid "Privileged socket has wrong ownership or permissions." -msgstr "Privilegierat uttag (socket) har fel ägarskap eller rättigheter." +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Inkludera tidsstämplar i felsökningsloggar" -#: src/sss_client/common.c:1082 -msgid "Public socket has wrong ownership or permissions." -msgstr "Publikt uttag (socket) har fel ägarskap eller rättigheter." +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "Inkludera mikrosekunder i tidsstämplar i felsökningsloggar" -#: src/sss_client/common.c:1085 -msgid "Unexpected format of the server credential message." -msgstr "Oväntat format på serverns kreditivmeddelande." +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Skriv felmeddelanden till loggfiler" -#: src/sss_client/common.c:1088 -msgid "SSSD is not run by root." -msgstr "SSSD körs inte av root." +#~ msgid "Watchdog timeout before restarting service" +#~ msgstr "Vakthundstidsgräns före tjänst startas om" -#: src/sss_client/common.c:1091 -msgid "SSSD socket does not exist." -msgstr "SSSD-uttaget finns inte." +#~ msgid "Command to start service" +#~ msgstr "Kommando för att starta tjänst" -#: src/sss_client/common.c:1094 -msgid "Cannot get stat of SSSD socket." -msgstr "Kan inte ta status på SSSD-uttaget." +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "Antal gånger att försöka ansluta till dataleverantörer" -#: src/sss_client/common.c:1099 -msgid "An error occurred, but no description can be found." -msgstr "Ett fel uppstod, men ingen beskrivning kan hittas." +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "Antalet fildeskriptorer som får öppnas av denna svarare" -#: src/sss_client/common.c:1105 -msgid "Unexpected error while looking for an error description" -msgstr "Oväntat fel vid sökning efter ett felmeddelande" +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "Inaktiv tid före en klient automatiskt kopplas ifrån" -#: src/sss_client/pam_sss.c:68 -msgid "Permission denied. " -msgstr "Åtkomst nekas. " +#~ msgid "Idle time before automatic shutdown of the responder" +#~ msgstr "Inaktiv tid före den svarande automatiskt stängs av" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 -#: src/sss_client/pam_sss.c:790 -msgid "Server message: " -msgstr "Servermeddelande: " +#~ msgid "Always query all the caches before querying the Data Providers" +#~ msgstr "Fråga alltid alla cacharna före dataleverantörerna frågas" -#: src/sss_client/pam_sss.c:297 -msgid "Passwords do not match" -msgstr "Lösenorden stämmer inte överens" +#~ msgid "SSSD Services to start" +#~ msgstr "SSSD-tjänster att starta" -#: src/sss_client/pam_sss.c:485 -msgid "Password reset by root is not supported." -msgstr "Återställning av lösenord av root stöds inte." +#~ msgid "SSSD Domains to start" +#~ msgstr "SSSD-domäner att starta" -#: src/sss_client/pam_sss.c:526 -msgid "Authenticated with cached credentials" -msgstr "Autentiserad med cachade kreditiv" +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Tidsgräns för meddelanden skickade via SBUS" -#: src/sss_client/pam_sss.c:527 -msgid ", your cached password will expire at: " -msgstr ", ditt cache-lösenord kommer gå ut: " +#~ msgid "Regex to parse username and domain" +#~ msgstr "Reguljäruttryck för att tolka användarnamn och domän" -#: src/sss_client/pam_sss.c:557 -#, c-format -msgid "Your password has expired. You have %1$d grace login(s) remaining." -msgstr "Ditt lösenord har gått ut. Du har en frist på %1$d inloggningar kvar." +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "" +#~ "Printf-kompatibla format för att visa fullständigt kvalificerade namn" -#: src/sss_client/pam_sss.c:603 -#, c-format -msgid "Your password will expire in %1$d %2$s." -msgstr "Ditt lösenordet kommer gå ut om %1$d %2$s." +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "" +#~ "Katalog på filsystemet där SSSD skall lagra sparade återspolningsfiler " +#~ "från Kerberos." -#: src/sss_client/pam_sss.c:652 -msgid "Authentication is denied until: " -msgstr "Autentisering nekas till: " +#~ msgid "Domain to add to names without a domain component." +#~ msgstr "Domän att lägga till till namn utan en domändel." -#: src/sss_client/pam_sss.c:673 -msgid "System is offline, password change not possible" -msgstr "Systemet är frånkopplat, ändring av lösenord är inte möjligt" +#~ msgid "The user to drop privileges to" +#~ msgstr "Användaren att släppa behörigheter till" -#: src/sss_client/pam_sss.c:688 -msgid "" -"After changing the OTP password, you need to log out and back in order to " -"acquire a ticket" -msgstr "" -"Efter att ha ändrat OTP-lösenordet behöver du logga ut och tillbaka in för " -"att få en biljett" +#~ msgid "Tune certificate verification" +#~ msgstr "Trimma certifikatverifikation" -#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 -msgid "Password change failed. " -msgstr "Lösenordsändringen misslyckades. " +#~ msgid "" +#~ "All spaces in group or user names will be replaced with this character" +#~ msgstr "" +#~ "Alla mellanrum i grupp- eller användarnamn kommer att ersättas med detta " +#~ "tecken" -#: src/sss_client/pam_sss.c:2008 -msgid "New Password: " -msgstr "Nytt lösenord: " +#~ msgid "Tune sssd to honor or ignore netlink state changes" +#~ msgstr "" +#~ "Trimma sssd till att beakta eller ignorera ändringar av netlink-" +#~ "tillståndet" -#: src/sss_client/pam_sss.c:2009 -msgid "Reenter new Password: " -msgstr "Skriv det nya lösenordet igen: " +#~ msgid "Enable or disable the implicit files domain" +#~ msgstr "Aktivera eller avaktivera den implicita fildomänen" -#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 -msgid "First Factor: " -msgstr "Första faktorn: " +#~ msgid "A specific order of the domains to be looked up" +#~ msgstr "En specifik ordning på domänerna som skall slås upp" -#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 -msgid "Second Factor (optional): " -msgstr "Andra faktorn (frivillig): " +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "Tidsgränslängd för uppräkningscache (sekunder)" -#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 -msgid "Second Factor: " -msgstr "Andra faktorn: " +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "Tidsgränslängd för bakgrundsuppdateringar av postcache (sekunder)" -#: src/sss_client/pam_sss.c:2190 -msgid "Password: " -msgstr "Lösenord: " +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "Tidsgränslängd för negativ cache (sekunder)" -#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 -msgid "First Factor (Current Password): " -msgstr "Första faktorn (nuvarande lösenord): " +#~ msgid "Files negative cache timeout length (seconds)" +#~ msgstr "Tidsgränslängd för negativ filcache (sekunder)" -#: src/sss_client/pam_sss.c:2349 -msgid "Current Password: " -msgstr "Nuvarande lösenord: " +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Användare som SSSD uttryckligen skall bortse ifrån" -#: src/sss_client/pam_sss.c:2704 -msgid "Password expired. Change your password now." -msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu." +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Grupper som SSSD uttryckligen skall bortse ifrån" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 -#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 -#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 -#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:719 -msgid "The debug level to run with" -msgstr "Felsökningsnivån att köra med" +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Skall filtrerade användare förekomma i grupper" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 -msgid "The SSSD domain to use" -msgstr "SSSD-domäner att använda" +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "Värdet på lösenordsfältet som NSS-leverantörer skall returnera" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 -#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 -#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 -#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:765 -msgid "Error setting the locale\n" -msgstr "Fel när lokalen sattes\n" +#~ msgid "Override homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Åsidosätt hemkatalogvärdet från identitetsleverantören med detta värde" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 -msgid "Not enough memory\n" -msgstr "Inte tillräckligt med minne\n" +#~ msgid "" +#~ "Substitute empty homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Ersätt ett tomt hemkatalogvärde från identitetsleverantören med detta " +#~ "värde" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 -msgid "User not specified\n" -msgstr "Ingen användare angiven\n" +#~ msgid "Override shell value from the identity provider with this value" +#~ msgstr "Åsidosätt skalvärdet från identitetsleverantören med detta värde" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 -msgid "Error looking up public keys\n" -msgstr "Fel vid uppslagning av publika nycklar\n" +#~ msgid "The list of shells users are allowed to log in with" +#~ msgstr "Listan på skal användare får lov att logga in med" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 -msgid "The port to use to connect to the host" -msgstr "Porten att använda för att ansluta till värden" +#~ msgid "" +#~ "The list of shells that will be vetoed, and replaced with the fallback " +#~ "shell" +#~ msgstr "" +#~ "Listan på skal som kommer förbjudas, och ersättas med standardskalet" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 -msgid "Print the host ssh public keys" -msgstr "Skriv ut värdens publika ssh-nycklar" +#~ msgid "" +#~ "If a shell stored in central directory is allowed but not available, use " +#~ "this fallback" +#~ msgstr "" +#~ "Om ett skal lagrat i en central katalog är tillåtet men inte " +#~ "tillgängligt, använd detta alternativ" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 -msgid "Invalid port\n" -msgstr "Felaktig port\n" +#~ msgid "Shell to use if the provider does not list one" +#~ msgstr "Skal att använda om leverantören inte listar något" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 -msgid "Host not specified\n" -msgstr "Värden inte angiven\n" +#~ msgid "How long will be in-memory cache records valid" +#~ msgstr "Hur länge sparade poster i minnet är giltiga" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 -msgid "The path to the proxy command must be absolute\n" -msgstr "Sökvägen till proxy-kommandot måste vara absolut\n" +#~ msgid "List of user attributes the NSS responder is allowed to publish" +#~ msgstr "Lista över användarattribut NSS-svaranden får publicera" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 -#, c-format -msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" -msgstr "sss_ssh_knownhostsproxy: Det gick inte att slå upp värdnamnet %s\n" +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "Hur länge sparade inloggningar tillåts mellan online-inloggningar (dagar)" -#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 -msgid "The UID of the user" -msgstr "Användarens UID" +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "" +#~ "Hur många misslyckade inloggningsförsök som tillåts i frånkopplat läge" -#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 -msgid "The comment string" -msgstr "Kommentarsträngen" +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Hur länge (minuter) som inloggning nekas efter att " +#~ "frånkopplade_inloggningsförsök har nåtts" -#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 -msgid "Home directory" -msgstr "Hemkatalogen" +#~ msgid "" +#~ "What kind of messages are displayed to the user during authentication" +#~ msgstr "" +#~ "Vilka slags meddelanden som visas för användaren under autentisering" -#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 -msgid "Login shell" -msgstr "Inloggningsskalet" +#~ msgid "Filter PAM responses sent to the pam_sss" +#~ msgstr "Filtrera PAM-svar skickade till pam_sss" -#: src/tools/sss_useradd.c:53 -msgid "Groups" -msgstr "Grupper" +#~ msgid "" +#~ "How many seconds to keep identity information cached for PAM requests" +#~ msgstr "" +#~ "Hur många sekunder identitetsinformationen hålls sparad för PAM-frågor" -#: src/tools/sss_useradd.c:54 -msgid "Create user's directory if it does not exist" -msgstr "Skapa användarens katalog om den inte redan finns" +#~ msgid "" +#~ "How many days before password expiration a warning should be displayed" +#~ msgstr "Hur många dagar före ett lösenord går ut en varning skall visas" -#: src/tools/sss_useradd.c:55 -msgid "Never create user's directory, overrides config" -msgstr "Skapa aldrig användarens katalog, åsidosätter konfigurationen" +#~ msgid "List of trusted uids or user's name" +#~ msgstr "Lista över betrodda uid:n eller användarnamn" -#: src/tools/sss_useradd.c:56 -msgid "Specify an alternative skeleton directory" -msgstr "Ange en alternativ skelettkatalog" +#~ msgid "List of domains accessible even for untrusted users." +#~ msgstr "Lista över domäner tillgängliga även för ej betrodda användare." -#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 -msgid "The SELinux user for user's login" -msgstr "SELinux-användaren för användarens inloggning" +#~ msgid "Message printed when user account is expired." +#~ msgstr "Meddelande som skrivs när ett användarkonto har gått ut." -#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 -#: src/tools/sss_usermod.c:92 -msgid "Specify group to add to\n" -msgstr "Ange en grupp att lägga till till\n" +#~ msgid "Message printed when user account is locked." +#~ msgstr "Meddelande som skrivs när ett användarkonto är låst." -#: src/tools/sss_useradd.c:111 -msgid "Specify user to add\n" -msgstr "Ange en användare att lägga till\n" +#~ msgid "Allow certificate based/Smartcard authentication." +#~ msgstr "Tillåt certifikatbaserad/smartkortsautentisering." -#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 -#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 -#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 -#: src/tools/sss_usermod.c:162 -msgid "Error initializing the tools - no local domain\n" -msgstr "Fel vid initiering av verktygen — ingen lokal domän\n" +#~ msgid "Path to certificate database with PKCS#11 modules." +#~ msgstr "Sökväg till certifikatdatabasen med PKCS#11-moduler." -#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 -#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 -#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 -#: src/tools/sss_usermod.c:164 -msgid "Error initializing the tools\n" -msgstr "Fel vid initiering av verktygen\n" +#~ msgid "How many seconds will pam_sss wait for p11_child to finish" +#~ msgstr "Hur många sekunder kommer pam_sss vänta på p11_child att avsluta" -#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 -#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 -#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 -#: src/tools/sss_usermod.c:173 -msgid "Invalid domain specified in FQDN\n" -msgstr "Ogiltig domän angiven i FQDN\n" +#~ msgid "Which PAM services are permitted to contact application domains" +#~ msgstr "Vilka PAM-tjänster tillåts att kontakta applikationsdomäner" -#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 -#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 -#: src/tools/sss_usermod.c:226 -msgid "Internal error while parsing parameters\n" -msgstr "Internt fel vid tolkning av parametrar\n" +#~ msgid "Allowed services for using smartcards" +#~ msgstr "Tillåtna tjänster för användning av smartkort" -#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 -#: src/tools/sss_usermod.c:235 -msgid "Groups must be in the same domain as user\n" -msgstr "Grupper måste finnas i samma domän som användaren\n" +#~ msgid "Additional timeout to wait for a card if requested" +#~ msgstr "Ytterligare tidsgräns att vänta på ett kort om begärt" + +#~ msgid "" +#~ "PKCS#11 URI to restrict the selection of devices for Smartcard " +#~ "authentication" +#~ msgstr "" +#~ "PKCS#11 URI för att begränsa urvalet av enheter för " +#~ "smartkortsautentisering" + +#~ msgid "Whether to evaluate the time-based attributes in sudo rules" +#~ msgstr "Om tidsbaserade attribut i sudo-regler skall beräknas" + +#~ msgid "If true, SSSD will switch back to lower-wins ordering logic" +#~ msgstr "" +#~ "Om sant kommer SSSD byta tillbaka till ordningslogiken att lägre vinner" + +#~ msgid "" +#~ "Maximum number of rules that can be refreshed at once. If this is " +#~ "exceeded, full refresh is performed." +#~ msgstr "" +#~ "Maximalt antal regler som kan som kan uppdateras samtidigt. Om detta " +#~ "överskrids utförs en fullständig uppdatering." + +#~ msgid "Whether to hash host names and addresses in the known_hosts file" +#~ msgstr "" +#~ "Om värdnamn och adresser i known_hosts-filen skall göras till " +#~ "kontrollsummor" + +#~ msgid "" +#~ "How many seconds to keep a host in the known_hosts file after its host " +#~ "keys were requested" +#~ msgstr "" +#~ "Hur många sekunder att behålla en värd i filen known_hosts efter att dess " +#~ "värdnycklar begärdes" + +#~ msgid "Path to storage of trusted CA certificates" +#~ msgstr "Sökväg till lagring av betrodda CA-certifikat" + +#~ msgid "List of UIDs or user names allowed to access the PAC responder" +#~ msgstr "" +#~ "Lista över UID:er eller användarnamn som tillåts komma åt PAC-svararen" + +#~ msgid "How long the PAC data is considered valid" +#~ msgstr "Hur länge PAC-data betraktas som giltiga" + +#~ msgid "List of UIDs or user names allowed to access the InfoPipe responder" +#~ msgstr "" +#~ "Lista över UID:er eller användarnamn som tillåts komma åt InfoPipe-" +#~ "svararen" -#: src/tools/sss_useradd.c:159 -#, c-format -msgid "Cannot find group %1$s in local domain\n" -msgstr "Hittar inte gruppen %1$s i den lokala domänen\n" +#~ msgid "List of user attributes the InfoPipe is allowed to publish" +#~ msgstr "Lista över användarattribut InfoPipe får publicera" -#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 -msgid "Cannot set default values\n" -msgstr "Kan inte sätta standardvärden\n" +#~ msgid "The provider where the secrets will be stored in" +#~ msgstr "Leverantören där hemligheter kommer lagras i" -#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 -msgid "The selected UID is outside the allowed range\n" -msgstr "Den valda UID:n är utanför det tillåtna intervallet\n" +#~ msgid "The maximum allowed number of nested containers" +#~ msgstr "Det maximala antalet tillåtna nästlade behållare" -#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 -msgid "Cannot set SELinux login context\n" -msgstr "Kan inte sätta SELinux-inloggningskontext\n" +#~ msgid "The maximum number of secrets that can be stored" +#~ msgstr "Det maximala antalet hemligheter som kan lagras" -#: src/tools/sss_useradd.c:224 -msgid "Cannot get info about the user\n" -msgstr "Kan inte få information om användaren\n" +#~ msgid "The maximum number of secrets that can be stored per UID" +#~ msgstr "Det maximala antalet hemligheter som kan lagras per UID" -#: src/tools/sss_useradd.c:236 -msgid "User's home directory already exists, not copying data from skeldir\n" -msgstr "" -"Användarens hemkatalog finns redan, kopierar inte data från " -"skelettkatalogen\n" +#~ msgid "The maximum payload size of a secret in kilobytes" +#~ msgstr "Den maximala laststorleken av hemligheter i kilobyte" -#: src/tools/sss_useradd.c:239 -#, c-format -msgid "Cannot create user's home directory: %1$s\n" -msgstr "Kan inte skapa användarens hemkatalog: %1$s\n" +#~ msgid "The URL Custodia server is listening on" +#~ msgstr "URL:en Custodia-servern lyssnar på" -#: src/tools/sss_useradd.c:250 -#, c-format -msgid "Cannot create user's mail spool: %1$s\n" -msgstr "Kan inte skapa användarens brevlåda: %1$s\n" +#~ msgid "The method to use when authenticating to a Custodia server" +#~ msgstr "Metoden att använda vid autentisering mot en Custodia-server" -#: src/tools/sss_useradd.c:270 -msgid "Could not allocate ID for the user - domain full?\n" -msgstr "Det gick inte att allokera ID för användaren - full domän?\n" +#~ msgid "" +#~ "The name of the headers that will be added into a HTTP request with the " +#~ "value defined in auth_header_value" +#~ msgstr "" +#~ "Namnet på huvudena som kommer läggas till i en HTTP-begäran med värdet " +#~ "definierat i auth_header_value" -#: src/tools/sss_useradd.c:274 -msgid "A user or group with the same name or ID already exists\n" -msgstr "En användare eller grupp med samma namn eller ID finns redan\n" +#~ msgid "The value sssd-secrets would use for auth_header_name" +#~ msgstr "Värdet sssd-hemligheter skulle använda till auth_header_name" -#: src/tools/sss_useradd.c:280 -msgid "Transaction error. Could not add user.\n" -msgstr "Transaktionsfel. Det gick inte att lägga till användaren.\n" +#~ msgid "" +#~ "The list of the headers to forward to the Custodia server together with " +#~ "the request" +#~ msgstr "" +#~ "Listan över huvuden att vidarebefordra till Custodia-servern tillsammans " +#~ "med begäran" -#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 -msgid "The GID of the group" -msgstr "GID:t för gruppen" +#~ msgid "" +#~ "The username to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "" +#~ "Användarnamnet att använda vid autentisering mot en Custodia-server med " +#~ "basic_auth" -#: src/tools/sss_groupadd.c:76 -msgid "Specify group to add\n" -msgstr "Ange en grupp att lägga till\n" +#~ msgid "" +#~ "The password to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "" +#~ "Lösenordet att använda vid autentisering mot en Custodia-server med " +#~ "basic_auth" -#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 -msgid "The selected GID is outside the allowed range\n" -msgstr "Den valda GID:n är utanför det tillåtna intervallet\n" +#~ msgid "" +#~ "If true peer's certificate is verified if proxy_url uses https protocol" +#~ msgstr "" +#~ "Om sant verifieras motpartens certifikat om proxy_url använder " +#~ "protokollet https" -#: src/tools/sss_groupadd.c:143 -msgid "Could not allocate ID for the group - domain full?\n" -msgstr "Det gick inte att allokera ID för gruppen - full domän?\n" +#~ msgid "" +#~ "If false peer's certificate may contain different hostname than proxy_url " +#~ "when https protocol is used" +#~ msgstr "" +#~ "Om falskt får motpartens certifikat innehålla ett annat värdnamn än " +#~ "proxy_url när protokollet https används" + +#~ msgid "" +#~ "Path to directory where certificate authority certificates are stored" +#~ msgstr "Sökväg till katalogen där certifikatutfärdares certifikat lagras" + +#~ msgid "Path to file containing server's CA certificate" +#~ msgstr "Sökväg till filen som innehåller serverns CA-certifikat" + +#~ msgid "Path to file containing client's certificate" +#~ msgstr "Sökväg till filen som innehåller klientens certifikat" + +#~ msgid "Path to file containing client's private key" +#~ msgstr "Sökväg till filen som innehåller klientens privata nyckel" + +#~ msgid "Identity provider" +#~ msgstr "Identitetsleverantör" + +#~ msgid "Authentication provider" +#~ msgstr "Autentiseringsleverantör" + +#~ msgid "Access control provider" +#~ msgstr "Leverantör av åtkomstkontroll" + +#~ msgid "Password change provider" +#~ msgstr "Leverantör av lösenordsändringar" + +#~ msgid "SUDO provider" +#~ msgstr "SUDO-leverantör" + +#~ msgid "Autofs provider" +#~ msgstr "Autofs-leverantör" + +#~ msgid "Host identity provider" +#~ msgstr "Värdidentitetsleverantör" + +#~ msgid "SELinux provider" +#~ msgstr "SELinux-leverantör" + +#~ msgid "Session management provider" +#~ msgstr "Sessionshanteringsleverantör" + +#~ msgid "Whether the domain is usable by the OS or by applications" +#~ msgstr "Huruvida domänen är användbar av OS:et eller av program" + +#~ msgid "Minimum user ID" +#~ msgstr "Minsta användar-ID" + +#~ msgid "Maximum user ID" +#~ msgstr "Största användar-ID" + +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Aktivera uppräkning av alla användare/grupper" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "Cache-kreditiv för frånkopplad inloggning" + +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Visa användare/grupper i fullständigt kvalificerat format" + +#~ msgid "Don't include group members in group lookups" +#~ msgstr "Inkludera inte gruppmedlemmar i gruppuppslagningar" + +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Tidsgränslängd för postcache (sekunder)" + +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Begränsa eller föredra en specifik adressfamilj vid DNS-uppslagningar" + +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Hur länge cachade poster skall behållas efter senaste lyckade inloggning " +#~ "(dagar)" + +#~ msgid "" +#~ "How long should SSSD talk to single DNS server before trying next server " +#~ "(miliseconds)" +#~ msgstr "" +#~ "Hur länge SSSD skall prata med en enskild DNS-server innan den försöker " +#~ "med nästa server (millisekunder)." + +#~ msgid "How long should keep trying to resolve single DNS query (seconds)" +#~ msgstr "" +#~ "Hur länge SSSD skall fortsätta försöka slå upp en enskild DNS-fråga " +#~ "(sekunder)." + +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "" +#~ "Hur länge man väntar på svar från DNS när servrar slås upp (sekunder)" + +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "Domändelen av DNS-frågan för tjänstedetektering" + +#~ msgid "Override GID value from the identity provider with this value" +#~ msgstr "Åsidosätt GID-värdet från identitetsleverantören med detta värde" + +#~ msgid "Treat usernames as case sensitive" +#~ msgstr "Behandla användarnamn som skiftlägeskänsliga" + +#~ msgid "How often should expired entries be refreshed in background" +#~ msgstr "Hur ofta utgångna poster skall förnyas i bakgrunden" + +#~ msgid "Whether to automatically update the client's DNS entry" +#~ msgstr "Huruvida klienternas DNS-poster uppdateras automatiskt" + +#~ msgid "The TTL to apply to the client's DNS entry after updating it" +#~ msgstr "" +#~ "TTL:en att använda för klientens DNS-post efter att ha uppdaterat den" + +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "Gränssnittet vars IP skall användas för dynamiska DNS-uppdateringar" + +#~ msgid "How often to periodically update the client's DNS entry" +#~ msgstr "Hur ofta klienternas DNS-poster periodiskt skall uppdateras" + +#~ msgid "Whether the provider should explicitly update the PTR record as well" +#~ msgstr "Huruvida leverantören explicit skall uppdatera PTR-posten också" + +#~ msgid "Whether the nsupdate utility should default to using TCP" +#~ msgstr "Huruvida verktyget nsupdate skall använda TCP som standard" + +#~ msgid "What kind of authentication should be used to perform the DNS update" +#~ msgstr "" +#~ "Vilken sorts autentisering som skall användas för att utföra DNS-" +#~ "uppdateringen" + +#~ msgid "Override the DNS server used to perform the DNS update" +#~ msgstr "Åsidosätt DNS-servern som används för att utföra DNS-uppdateringen" + +#~ msgid "Control enumeration of trusted domains" +#~ msgstr "Styr uppräkning av betrodda domäner" + +#~ msgid "How often should subdomains list be refreshed" +#~ msgstr "Hur ofta skall listan över underdomäner uppdateras" + +#~ msgid "List of options that should be inherited into a subdomain" +#~ msgstr "Lista över flaggor som skall ärvas in i en underdomän" + +#~ msgid "Default subdomain homedir value" +#~ msgstr "Standard hemkatalogvärde för underdomäner" + +#~ msgid "How long can cached credentials be used for cached authentication" +#~ msgstr "Hur länge cachade kreditiv får användas för cachad autentisering" + +#~ msgid "Whether to automatically create private groups for users" +#~ msgstr "Huruvida privata grupper för användare skall skapas automatiskt" + +#~ msgid "IPA domain" +#~ msgstr "IPA-domän" + +#~ msgid "IPA server address" +#~ msgstr "IPA-serveradress" + +#~ msgid "Address of backup IPA server" +#~ msgstr "Adress till reserv-IPA-server" + +#~ msgid "IPA client hostname" +#~ msgstr "IPA-klientvärdnamn" + +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "Om klientens DNS-post i FreeIPA automatiskt skall uppdateras" + +#~ msgid "Search base for HBAC related objects" +#~ msgstr "Sökbas för HBAC-relaterade objekt" + +#~ msgid "" +#~ "The amount of time between lookups of the HBAC rules against the IPA " +#~ "server" +#~ msgstr "Tidsåtgången mellan uppslagningar av HBAC-reglerna mot IPA-servern" + +#~ msgid "" +#~ "The amount of time in seconds between lookups of the SELinux maps against " +#~ "the IPA server" +#~ msgstr "" +#~ "Tiden i sekunder mellan uppslagningar av SELinux-mappningar mot IPA-" +#~ "servern" + +#~ msgid "If set to false, host argument given by PAM will be ignored" +#~ msgstr "Om satt till falskt kommer värdargument givna av PAM ignoreras" + +#~ msgid "The automounter location this IPA client is using" +#~ msgstr "Platsen för automatmonteraren denna IPA-klient använder" + +#~ msgid "Search base for object containing info about IPA domain" +#~ msgstr "Sökbas för objekt som innehåller information om IPA-domänen" + +#~ msgid "Search base for objects containing info about ID ranges" +#~ msgstr "Sökbas för objekt som innehåller information om ID-intervall" + +#~ msgid "Enable DNS sites - location based service discovery" +#~ msgstr "Aktivera DNS-sajter - platsbaserad detektering av tjänster" + +#~ msgid "Search base for view containers" +#~ msgstr "Sökbas för vybehållare" + +#~ msgid "Objectclass for view containers" +#~ msgstr "Objektklass för vybehållare" + +#~ msgid "Attribute with the name of the view" +#~ msgstr "Attribut med namnet på vyn" + +#~ msgid "Objectclass for override objects" +#~ msgstr "Objektklass för åsidosättande objekt" + +#~ msgid "Attribute with the reference to the original object" +#~ msgstr "Attribut med referensen till originalobjektet" -#: src/tools/sss_groupadd.c:147 -msgid "A group with the same name or GID already exists\n" -msgstr "En grupp med samma namn eller GID finns redan\n" +#~ msgid "Objectclass for user override objects" +#~ msgstr "Objektklass för användaråsidosättande objekt" -#: src/tools/sss_groupadd.c:153 -msgid "Transaction error. Could not add group.\n" -msgstr "Transaktionsfel. Det gick inte att lägga till gruppen.\n" +#~ msgid "Objectclass for group override objects" +#~ msgstr "Objektklass för gruppåsidosättande objekt" -#: src/tools/sss_groupdel.c:70 -msgid "Specify group to delete\n" -msgstr "Ange grupp att ta bort\n" +#~ msgid "Search base for Desktop Profile related objects" +#~ msgstr "Sökväg för objekt relaterade till skrivbordsprofiler" -#: src/tools/sss_groupdel.c:104 -#, c-format -msgid "Group %1$s is outside the defined ID range for domain\n" -msgstr "Gruppen %1$s är utanför det definierade ID-intervallet för domänen\n" +#~ msgid "" +#~ "The amount of time in seconds between lookups of the Desktop Profile " +#~ "rules against the IPA server" +#~ msgstr "" +#~ "Tiden i sekunder mellan uppslagningar av skrivbordsprofilsregler mot IPA-" +#~ "servern" -#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 -#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 -#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 -#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 -#, c-format -msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" -msgstr "" -"NSS-begäran misslyckades (%1$d). Posten kan finnas kvar i en minnes-cache.\n" +#~ msgid "" +#~ "The amount of time in minutes between lookups of Desktop Profiles rules " +#~ "against the IPA server when the last request did not find any rule" +#~ msgstr "" +#~ "Tiden i minuter mellan uppslagningar av skrivbordsprofilsregler mot IPA-" +#~ "servern när den senaste förfrågan inte hittade någon regel" -#: src/tools/sss_groupdel.c:132 -msgid "" -"No such group in local domain. Removing groups only allowed in local " -"domain.\n" -msgstr "" -"Ingen sådan grupp i den lokala domänen. Att ta bort grupper är endast " -"tillåtet i den lokala domänen.\n" +#~ msgid "Active Directory domain" +#~ msgstr "Active Directory-domän" -#: src/tools/sss_groupdel.c:137 -msgid "Internal error. Could not remove group.\n" -msgstr "Internt fel. Det gick inte att ta bort gruppen.\n" +#~ msgid "Enabled Active Directory domains" +#~ msgstr "Aktivera Active Directory-domäner" -#: src/tools/sss_groupmod.c:44 -msgid "Groups to add this group to" -msgstr "Grupper att lägga till denna grupp till" +#~ msgid "Active Directory server address" +#~ msgstr "Adress till Active Directory-server" -#: src/tools/sss_groupmod.c:46 -msgid "Groups to remove this group from" -msgstr "Grupper att ta bort denna grupp från" +#~ msgid "Active Directory backup server address" +#~ msgstr "Adress till Active Directory-reservserver" -#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 -msgid "Specify group to remove from\n" -msgstr "Ange grupp att ta bort ifrån\n" +#~ msgid "Active Directory client hostname" +#~ msgstr "Active Directory-klientvärdnamn" -#: src/tools/sss_groupmod.c:101 -msgid "Specify group to modify\n" -msgstr "Ange grupp att ändra\n" +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "LDAP-filter för att bestämma åtkomstprivilegier" -#: src/tools/sss_groupmod.c:130 -msgid "" -"Cannot find group in local domain, modifying groups is allowed only in local " -"domain\n" -msgstr "" -"Kan inte hitta gruppen i den lokala domänen, att ändra grupper är endast " -"tillåtet i den lokala domänen\n" +#~ msgid "Whether to use the Global Catalog for lookups" +#~ msgstr "Huruvida den globala katalogen skall användas för uppslagningar" -#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 -msgid "Member groups must be in the same domain as parent group\n" -msgstr "Medlemsgrupper måste ligga i samma domän som föräldragrupper\n" +#~ msgid "Operation mode for GPO-based access control" +#~ msgstr "Arbetsläge för GPO-baserad åtkomstkontroll" -#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 -#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 -#, c-format -msgid "" -"Cannot find group %1$s in local domain, only groups in local domain are " -"allowed\n" -msgstr "" -"Kan inte hitta grupp %1$s i den lokala domänen, endast grupper i den lokala " -"domänen är tillåtna\n" +#~ msgid "" +#~ "The amount of time between lookups of the GPO policy files against the AD " +#~ "server" +#~ msgstr "Tidsåtgången mellan uppslagningar av GPO-policyfiler mot AD-servern" -#: src/tools/sss_groupmod.c:257 -msgid "Could not modify group - check if member group names are correct\n" -msgstr "" -"Det gick inte att ändra gruppen - kontrollera om medlemsgruppsnamnen är " -"riktiga\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "PAM-tjänstenamn som översätts till GPO-policyinställningen " +#~ "(Deny)InteractiveLogonRight" -#: src/tools/sss_groupmod.c:261 -msgid "Could not modify group - check if groupname is correct\n" -msgstr "" -"Det gick inte att ändra gruppen - kontrollera om gruppnamnet är riktigt\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " +#~ "policy settings" +#~ msgstr "" +#~ "PAM-tjänstenamn som översätts till GPO-policyinställningen " +#~ "(Deny)RemoteInteractiveLogonRight" -#: src/tools/sss_groupmod.c:265 -msgid "Transaction error. Could not modify group.\n" -msgstr "Transaktionsfel. Det gick inte att ändra gruppen.\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)NetworkLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "PAM-tjänstenamn som översätts till GPO-policyinställningen " +#~ "(Deny)NetworkLogonRight" -#: src/tools/sss_groupshow.c:616 -msgid "Magic Private " -msgstr "Magiskt privat " +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)BatchLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "PAM-tjänstenamn som översätts till GPO-policyinställningen " +#~ "(Deny)BatchLogonRight" -#: src/tools/sss_groupshow.c:615 -#, c-format -msgid "%1$s%2$sGroup: %3$s\n" -msgstr "%1$s%2$sGrupp: %3$s\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)ServiceLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "PAM-tjänstenamn som översätts till GPO-policyinställningen " +#~ "(Deny)ServiceLogonRight" -#: src/tools/sss_groupshow.c:618 -#, c-format -msgid "%1$sGID number: %2$d\n" -msgstr "%1$sGID-nummer: %2$d\n" +#~ msgid "PAM service names for which GPO-based access is always granted" +#~ msgstr "PAM-tjänstenamn för vilka GPO-baserad åtkomst alltid tillåts" -#: src/tools/sss_groupshow.c:620 -#, c-format -msgid "%1$sMember users: " -msgstr "%1$sMedlemsanvändare: " +#~ msgid "PAM service names for which GPO-based access is always denied" +#~ msgstr "PAM-tjänstenamn för vilka GPO-baserad åtkomst alltid nekas" -#: src/tools/sss_groupshow.c:627 -#, c-format -msgid "" -"\n" -"%1$sIs a member of: " -msgstr "" -"\n" -"%1$sÄr en medlem i: " +#~ msgid "" +#~ "Default logon right (or permit/deny) to use for unmapped PAM service names" +#~ msgstr "" +#~ "Standardinloggningsrättigheter (eller permit/deny) att använda för " +#~ "omappade PAM-tjänstenamn" -#: src/tools/sss_groupshow.c:634 -#, c-format -msgid "" -"\n" -"%1$sMember groups: " -msgstr "" -"\n" -"%1$sMedlemsgrupper: " +#~ msgid "a particular site to be used by the client" +#~ msgstr "en viss sajt att användas av klienten" -#: src/tools/sss_groupshow.c:670 -msgid "Print indirect group members recursively" -msgstr "Skriv ut indirekta gruppmedlemmar rekursivt" +#~ msgid "" +#~ "Maximum age in days before the machine account password should be renewed" +#~ msgstr "Maximal ålder i dagar innan maskinkontots lösenord skall förnyas" -#: src/tools/sss_groupshow.c:704 -msgid "Specify group to show\n" -msgstr "Ange en grupp att visa\n" +#~ msgid "Option for tuning the machine account renewal task" +#~ msgstr "Flagga för att trimma maskinkontots förnyelseuppgift" -#: src/tools/sss_groupshow.c:744 -msgid "" -"No such group in local domain. Printing groups only allowed in local " -"domain.\n" -msgstr "" -"Ingen sådan grupp i den lokala domänen. Att skriva ut grupper är endast " -"tillåtet i den lokala domänen.\n" +#~ msgid "Kerberos server address" +#~ msgstr "Adress till Kerberosserver" -#: src/tools/sss_groupshow.c:749 -msgid "Internal error. Could not print group.\n" -msgstr "Internt fel. Det gick inte att skriva ut gruppen.\n" +#~ msgid "Kerberos backup server address" +#~ msgstr "Adress till reservserver för Kerberos" -#: src/tools/sss_userdel.c:138 -msgid "Remove home directory and mail spool" -msgstr "Ta bort hemkatalog och brevlåda" +#~ msgid "Kerberos realm" +#~ msgstr "Kerberosrike" -#: src/tools/sss_userdel.c:140 -msgid "Do not remove home directory and mail spool" -msgstr "Ta inte bort hemkatalog och brevlåda" +#~ msgid "Authentication timeout" +#~ msgstr "Autentiseringstidsgräns" -#: src/tools/sss_userdel.c:142 -msgid "Force removal of files not owned by the user" -msgstr "Framtvinga borttagning av filer som inte ägs av användaren" +#~ msgid "Whether to create kdcinfo files" +#~ msgstr "Huruvida kdcinfo-filer skall skapas" -#: src/tools/sss_userdel.c:144 -msgid "Kill users' processes before removing him" -msgstr "Döda användares processer före de tas bort" +#~ msgid "Where to drop krb5 config snippets" +#~ msgstr "Var konfigurationssnuttar för krb5 skall läggas" -#: src/tools/sss_userdel.c:190 -msgid "Specify user to delete\n" -msgstr "Ange användare att ta bort\n" +#~ msgid "Directory to store credential caches" +#~ msgstr "Katalog att lagra kreditiv-cachar i" -#: src/tools/sss_userdel.c:236 -#, c-format -msgid "User %1$s is outside the defined ID range for domain\n" -msgstr "" -"Användaren %1$s är utanför det definierade ID-intervallet för domänen\n" +#~ msgid "Location of the user's credential cache" +#~ msgstr "Plats för användarens kreditiv-cache" -#: src/tools/sss_userdel.c:261 -msgid "Cannot reset SELinux login context\n" -msgstr "Kan inte återställa SELinux-inloggningskontext\n" +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Plats för nyckeltabellen för att validera kreditiv" -#: src/tools/sss_userdel.c:273 -#, c-format -msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" -msgstr "" -"VARNING: Användaren (uid %1$lu) var fortfarande inloggad när han togs bort.\n" +#~ msgid "Enable credential validation" +#~ msgstr "Aktivera validering av kreditiv" -#: src/tools/sss_userdel.c:278 -msgid "Cannot determine if the user was logged in on this platform" -msgstr "Det går inte att avgöra om användaren var inloggad på denna plattform" +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "Lagra lösenord när ej ansluten för ansluten autentisering senare" -#: src/tools/sss_userdel.c:283 -msgid "Error while checking if the user was logged in\n" -msgstr "Fel vid kontroll om användaren var inloggad\n" +#~ msgid "Renewable lifetime of the TGT" +#~ msgstr "Förnybar livstid för TGT:n" -#: src/tools/sss_userdel.c:290 -#, c-format -msgid "The post-delete command failed: %1$s\n" -msgstr "Kommandot efter borttagandet misslyckades: %1$s\n" +#~ msgid "Lifetime of the TGT" +#~ msgstr "Livstid för TGT:n" -#: src/tools/sss_userdel.c:310 -msgid "Not removing home dir - not owned by user\n" -msgstr "Tar inte bort hemkatalogen - ägs inte av användaren\n" +#~ msgid "Time between two checks for renewal" +#~ msgstr "Tid mellan två kontroller av förnyelse" -#: src/tools/sss_userdel.c:312 -#, c-format -msgid "Cannot remove homedir: %1$s\n" -msgstr "Kan inte ta bort hemkatalogen: %1$s\n" +#~ msgid "Enables FAST" +#~ msgstr "Aktiverar FAST" -#: src/tools/sss_userdel.c:326 -msgid "" -"No such user in local domain. Removing users only allowed in local domain.\n" -msgstr "" -"Ingen sådan användare i den lokala domänen. Det går endast att ta bort " -"användare i den lokala domänen.\n" +#~ msgid "Selects the principal to use for FAST" +#~ msgstr "Väljer huvudman att använda för FAST" -#: src/tools/sss_userdel.c:331 -msgid "Internal error. Could not remove user.\n" -msgstr "Internt fel. Det gick inte att ta bort användaren.\n" +#~ msgid "Enables principal canonicalization" +#~ msgstr "Aktivera kanonisk form av huvudman" -#: src/tools/sss_usermod.c:49 -msgid "The GID of the user" -msgstr "Användarens GID" +#~ msgid "Enables enterprise principals" +#~ msgstr "Aktiverar företagshuvudmän" -#: src/tools/sss_usermod.c:53 -msgid "Groups to add this user to" -msgstr "Grupper att lägga till denna användare till" +#~ msgid "A mapping from user names to Kerberos principal names" +#~ msgstr "En översättning från användarnamn till Kerberos huvudmansnamn" -#: src/tools/sss_usermod.c:54 -msgid "Groups to remove this user from" -msgstr "Grupper att ta bort denna användare ifrån" +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "Server där ändringstjänsten för lösenord kör om inte på KDC:n" -#: src/tools/sss_usermod.c:55 -msgid "Lock the account" -msgstr "Lås kontot" +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, URI:n för LDAP-servern" -#: src/tools/sss_usermod.c:56 -msgid "Unlock the account" -msgstr "Lås upp kontot" +#~ msgid "ldap_backup_uri, The URI of the LDAP server" +#~ msgstr "ldap_backup_uri, URI:n för LDAP-servern" -#: src/tools/sss_usermod.c:57 -msgid "Add an attribute/value pair. The format is attrname=value." -msgstr "Lägg till ett attribut/värde-par. Formatet är attrnamn=värde." +#~ msgid "The default base DN" +#~ msgstr "Standard bas-DN" -#: src/tools/sss_usermod.c:58 -msgid "Delete an attribute/value pair. The format is attrname=value." -msgstr "Ta bort ett attribut/värde-par. Formatet är attrnamn=värde." +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Schematypen som används i LDAP-servern, rfc2307" -#: src/tools/sss_usermod.c:59 -msgid "" -"Set an attribute to a name/value pair. The format is attrname=value. For " -"multi-valued attributes, the command replaces the values already present" -msgstr "" -"Sätt ett attribut till ett namn/värde-par. Formatet är attrnamn=värde. För " -"flervärda attribut ersätter kommandot de värden som redan finns" +#~ msgid "Mode used to change user password" +#~ msgstr "Läge som används för att ändra användares lösenord" -#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 -#: src/tools/sss_usermod.c:135 -msgid "Specify the attribute name/value pair(s)\n" -msgstr "Ange attributets namn/värde-par\n" +#~ msgid "The default bind DN" +#~ msgstr "Standard bindnings-DN" -#: src/tools/sss_usermod.c:152 -msgid "Specify user to modify\n" -msgstr "Ange användare att ändra\n" +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "Typen på autentiserings-token för standard bindnings-DN" -#: src/tools/sss_usermod.c:180 -msgid "" -"Cannot find user in local domain, modifying users is allowed only in local " -"domain\n" -msgstr "" -"Det gick inte att hitta användaren i den lokala domänen, det går bara att " -"ändra användare i den lokala domänen\n" +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "Autentiserings-token för standard bindnings-DN" -#: src/tools/sss_usermod.c:322 -msgid "Could not modify user - check if group names are correct\n" -msgstr "" -"Det gick inte att ändra användaren - kontrollera att gruppnamnen är riktiga\n" +#~ msgid "Length of time to attempt connection" +#~ msgstr "Tidslängd att försöka ansluta" -#: src/tools/sss_usermod.c:326 -msgid "Could not modify user - user already member of groups?\n" -msgstr "" -"Det gick inte att ändra användaren - är användaren redan medlem i grupper?\n" +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Tidslängd att försöka synkrona LDAP-operationer" -#: src/tools/sss_usermod.c:330 -msgid "Transaction error. Could not modify user.\n" -msgstr "Transaktionsfel. Det gick inte att ändra användaren.\n" +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "Tidslängd mellan försök att återansluta vid frånkoppling" -#: src/tools/sss_cache.c:245 -msgid "No cache object matched the specified search\n" -msgstr "Inga cache-objekt matchade den angivna sökningen\n" +#~ msgid "Use only the upper case for realm names" +#~ msgstr "Använd endast versaler för namn på riken" -#: src/tools/sss_cache.c:536 -#, c-format -msgid "Couldn't invalidate %1$s\n" -msgstr "Kunde inte invalidera %1$s\n" +#~ msgid "File that contains CA certificates" +#~ msgstr "Fil som innehåller CA-certifikat" -#: src/tools/sss_cache.c:543 -#, c-format -msgid "Couldn't invalidate %1$s %2$s\n" -msgstr "Kunde inte invalidera %1$s %2$s\n" +#~ msgid "Path to CA certificate directory" +#~ msgstr "Sökväg till katalogen med CA-certifikat" -#: src/tools/sss_cache.c:721 -msgid "Invalidate all cached entries" -msgstr "Invalidera alla cachade poster" +#~ msgid "File that contains the client certificate" +#~ msgstr "Fil som innehåller klientcertifikatet" -#: src/tools/sss_cache.c:723 -msgid "Invalidate particular user" -msgstr "Invalidera en viss användare" +#~ msgid "File that contains the client key" +#~ msgstr "Fil som innehåller klientnyckeln" -#: src/tools/sss_cache.c:725 -msgid "Invalidate all users" -msgstr "Invalidera alla användare" +#~ msgid "List of possible ciphers suites" +#~ msgstr "Lista över möjliga chiffersviter" -#: src/tools/sss_cache.c:727 -msgid "Invalidate particular group" -msgstr "Invalidera en viss grupp" +#~ msgid "Require TLS certificate verification" +#~ msgstr "Kräv TLS-certifikatverifiering" -#: src/tools/sss_cache.c:729 -msgid "Invalidate all groups" -msgstr "Invalidera alla grupper" +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Ange sasl-mekanismen att använda" + +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Ange sasl-auktorisering-id att använda" + +#~ msgid "Specify the sasl authorization realm to use" +#~ msgstr "Ange sasl-auktoriseringsrike att använda" -#: src/tools/sss_cache.c:731 -msgid "Invalidate particular netgroup" -msgstr "Invalidera en viss nätgrupp" +#~ msgid "Specify the minimal SSF for LDAP sasl authorization" +#~ msgstr "Ange minsta SSF för LDAP-sasl-auktorisering" -#: src/tools/sss_cache.c:733 -msgid "Invalidate all netgroups" -msgstr "Invalidera alla nätgrupper" +#~ msgid "Kerberos service keytab" +#~ msgstr "Kerberostjänstens nyckeltabell" -#: src/tools/sss_cache.c:735 -msgid "Invalidate particular service" -msgstr "Invalidera en viss tjänst" +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Använd Kerberosautentisering för LDAP-anslutningar" -#: src/tools/sss_cache.c:737 -msgid "Invalidate all services" -msgstr "Invalidera alla tjänster" +#~ msgid "Follow LDAP referrals" +#~ msgstr "Följer LDAP-hänvisningar" -#: src/tools/sss_cache.c:740 -msgid "Invalidate particular autofs map" -msgstr "Invalidera en viss autofs-mapp" +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "Livslängd på TGT för LDAP-anslutning" -#: src/tools/sss_cache.c:742 -msgid "Invalidate all autofs maps" -msgstr "Invalidera alla autofs-mappar" +#~ msgid "How to dereference aliases" +#~ msgstr "Hur alias skall derefereras" -#: src/tools/sss_cache.c:746 -msgid "Invalidate particular SSH host" -msgstr "Invalidera en viss SSH-värd" +#~ msgid "Service name for DNS service lookups" +#~ msgstr "Tjänstenamn för uppslagning av DNS-tjänster" -#: src/tools/sss_cache.c:748 -msgid "Invalidate all SSH hosts" -msgstr "Invalidera alla SSH-värdar" +#~ msgid "The number of records to retrieve in a single LDAP query" +#~ msgstr "Antalet poster som skall hämtas i en enda LDAP-fråga" -#: src/tools/sss_cache.c:752 -msgid "Invalidate particular sudo rule" -msgstr "Invalidera en viss sudo-regel" +#~ msgid "The number of members that must be missing to trigger a full deref" +#~ msgstr "" +#~ "Antalet medlemmar som måste saknas för att orsaka en fullständig " +#~ "dereferering" -#: src/tools/sss_cache.c:754 -msgid "Invalidate all cached sudo rules" -msgstr "Invalidera alla cachade sudo-regler" +#~ msgid "" +#~ "Whether the LDAP library should perform a reverse lookup to canonicalize " +#~ "the host name during a SASL bind" +#~ msgstr "" +#~ "Huruvida LDAP-biblioteket skall utföra en omvänd uppslagning för att ta " +#~ "fram värdnamnets kanoniska form under en SASL-bindning" -#: src/tools/sss_cache.c:757 -msgid "Only invalidate entries from a particular domain" -msgstr "Invalidera endast poster från en viss domän" +#~ msgid "entryUSN attribute" +#~ msgstr "entryUSN-attribut" -#: src/tools/sss_cache.c:811 -msgid "" -"Unexpected argument(s) provided, options that invalidate a single object " -"only accept a single provided argument.\n" -msgstr "" -"Oväntat argument angivet, flaggor som invaliderar ett ensamt objekt tar bara " -"ett ensamt angivet argument.\n" +#~ msgid "lastUSN attribute" +#~ msgstr "lastUSN-attribut" -#: src/tools/sss_cache.c:821 -msgid "Please select at least one object to invalidate\n" -msgstr "Välj åtminstone ett objekt att invalidera\n" +#~ msgid "" +#~ "How long to retain a connection to the LDAP server before disconnecting" +#~ msgstr "" +#~ "Hur länge en anslutning till LDAP-servern skall behållas före den kopplas " +#~ "ner" -#: src/tools/sss_cache.c:904 -#, c-format -msgid "" -"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " -"use fully qualified name instead of --domain/-d parameter.\n" -msgstr "" -"Kunde inte öppna domänen %1$s. Om domänen är en underdomän (betrodd domän), " -"använd fullt kvalificerat namn istället för parametrarna --domain/-d.\n" +#~ msgid "Disable the LDAP paging control" +#~ msgstr "Avaktivera flödesstyrningen (paging) av LDAP" -#: src/tools/sss_cache.c:909 -msgid "Could not open available domains\n" -msgstr "Kunde inte öppna tillgängliga domäner\n" +#~ msgid "Disable Active Directory range retrieval" +#~ msgstr "Avaktivera Active Directorys intervallhämtande" -#: src/tools/tools_util.c:202 -#, c-format -msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" -msgstr "" -"Namnet ”%1$s” verkar inte vara ett fullt kvalificerad domännamn (”%2$s = " -"TRUE” är satt)\n" +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Tidslängd att vänta på en sökbegäran" -#: src/tools/tools_util.c:309 -msgid "Out of memory\n" -msgstr "Slut på minne\n" +#~ msgid "Length of time to wait for a enumeration request" +#~ msgstr "Tidslängd att vänta på en uppräkningsbegäran" -#: src/tools/tools_util.h:40 -#, c-format -msgid "%1$s must be run as root\n" -msgstr "%1$s måste köras som root\n" +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Tidslängd mellan uppräkningsuppdateringar" -#: src/tools/sssctl/sssctl.c:35 -msgid "yes" -msgstr "ja" +#~ msgid "Length of time between cache cleanups" +#~ msgstr "Tidslängd mellan cache-tömningar" -#: src/tools/sssctl/sssctl.c:37 -msgid "no" -msgstr "nej" +#~ msgid "Require TLS for ID lookups" +#~ msgstr "Kräv TLS för ID-uppslagningar" -#: src/tools/sssctl/sssctl.c:39 -msgid "error" -msgstr "fel" +#~ msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#~ msgstr "Använd ID-översättning av objectSID istället för förhandssatta ID:n" -#: src/tools/sssctl/sssctl.c:42 -msgid "Invalid result." -msgstr "Felaktigt resultat." +#~ msgid "Base DN for user lookups" +#~ msgstr "Bas-DN för användaruppslagningar" -#: src/tools/sssctl/sssctl.c:78 -msgid "Unable to read user input\n" -msgstr "Kan inte läsa användarens indata\n" +#~ msgid "Scope of user lookups" +#~ msgstr "Omfång av användaruppslagningar" -#: src/tools/sssctl/sssctl.c:91 -#, c-format -msgid "Invalid input, please provide either '%s' or '%s'.\n" -msgstr "Felaktig indata, ange antingen ”%s” eller ”%s”.\n" +#~ msgid "Filter for user lookups" +#~ msgstr "Filter för användaruppslagningar" -#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 -msgid "Error while executing external command\n" -msgstr "Fel när externt kommando kördes\n" +#~ msgid "Objectclass for users" +#~ msgstr "Objektklass för användare" -#: src/tools/sssctl/sssctl.c:156 -msgid "SSSD needs to be running. Start SSSD now?" -msgstr "SSSD behöver köras. Starta SSSD nu?" +#~ msgid "Username attribute" +#~ msgstr "Användarnamnsattribut" -#: src/tools/sssctl/sssctl.c:195 -msgid "SSSD must not be running. Stop SSSD now?" -msgstr "SSSD får inte köra. Stoppa SSSD nu?" +#~ msgid "UID attribute" +#~ msgstr "UID-attribut" -#: src/tools/sssctl/sssctl.c:231 -msgid "SSSD needs to be restarted. Restart SSSD now?" -msgstr "SSSD behöver startas om. Starta om SSSD nu?" +#~ msgid "Primary GID attribute" +#~ msgstr "Primärt GID-attribut" -#: src/tools/sssctl/sssctl_cache.c:31 -#, c-format -msgid " %s is not present in cache.\n" -msgstr " %s finns inte i cachen.\n" +#~ msgid "GECOS attribute" +#~ msgstr "GECOS-attribut" -#: src/tools/sssctl/sssctl_cache.c:33 -msgid "Name" -msgstr "Namn" +#~ msgid "Home directory attribute" +#~ msgstr "Hemkatalogattribut" -#: src/tools/sssctl/sssctl_cache.c:34 -msgid "Cache entry creation date" -msgstr "Datum då cache-posten skapades" +#~ msgid "Shell attribute" +#~ msgstr "Skalattribut" -#: src/tools/sssctl/sssctl_cache.c:35 -msgid "Cache entry last update time" -msgstr "Tidpunkt då cache-posten senast uppdaterades" +#~ msgid "UUID attribute" +#~ msgstr "UUID-attribut" -#: src/tools/sssctl/sssctl_cache.c:36 -msgid "Cache entry expiration time" -msgstr "Tidpunkt då cache-posten går ut" +#~ msgid "objectSID attribute" +#~ msgstr "objectSID-attribut" -#: src/tools/sssctl/sssctl_cache.c:37 -msgid "Cached in InfoPipe" -msgstr "Cachad i InfoPipe" +#~ msgid "Active Directory primary group attribute for ID-mapping" +#~ msgstr "Primärt gruppattribut i Active Directory för ID-mappning" -#: src/tools/sssctl/sssctl_cache.c:522 -#, c-format -msgid "Error: Unable to get object [%d]: %s\n" -msgstr "Fel: kan inte hämta objektet [%d]: %s\n" +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Användarens huvudmansattribut (för Kerberos)" -#: src/tools/sssctl/sssctl_cache.c:538 -#, c-format -msgid "%s: Unable to read value [%d]: %s\n" -msgstr "%s: Kan inte läsa värdet [%d]: %s\n" +#~ msgid "Full Name" +#~ msgstr "Fullständigt namn" -#: src/tools/sssctl/sssctl_cache.c:566 -msgid "Specify name." -msgstr "Ange namn." +#~ msgid "memberOf attribute" +#~ msgstr "medlemAv-attribut" -#: src/tools/sssctl/sssctl_cache.c:576 -#, c-format -msgid "Unable to parse name %s.\n" -msgstr "Kan inte tolka namnet %s.\n" +#~ msgid "Modification time attribute" +#~ msgstr "Modifieringstidsattribut" -#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 -msgid "Search by SID" -msgstr "Sök via SID" +#~ msgid "shadowLastChange attribute" +#~ msgstr "attributet shadowLastChange" -#: src/tools/sssctl/sssctl_cache.c:603 -msgid "Search by user ID" -msgstr "Sök via användar-ID" +#~ msgid "shadowMin attribute" +#~ msgstr "shadowMin-attribut" -#: src/tools/sssctl/sssctl_cache.c:612 -msgid "Initgroups expiration time" -msgstr "Init-gruppers utgångstid" +#~ msgid "shadowMax attribute" +#~ msgstr "shadowMax-attribut" -#: src/tools/sssctl/sssctl_cache.c:650 -msgid "Search by group ID" -msgstr "Sök via grupp-ID" +#~ msgid "shadowWarning attribute" +#~ msgstr "shadowWarning-attribut" -#: src/tools/sssctl/sssctl_config.c:70 -#, fuzzy, c-format -msgid "Failed to open %s\n" -msgstr "Kan inte tolka namnet %s.\n" +#~ msgid "shadowInactive attribute" +#~ msgstr "shadowInactive-attribut" -#: src/tools/sssctl/sssctl_config.c:75 -#, fuzzy, c-format -msgid "File %1$s does not exist.\n" -msgstr "SSSD-uttaget finns inte." +#~ msgid "shadowExpire attribute" +#~ msgstr "shadowExpire-attribut" -#: src/tools/sssctl/sssctl_config.c:79 -msgid "" -"File ownership and permissions check failed. Expected root:root and 0600.\n" -msgstr "" -"Kontrollen av filens ägarskap och rättigheter misslyckades. root:root och " -"0600 förväntades.\n" +#~ msgid "shadowFlag attribute" +#~ msgstr "shadowFlag-attribut" -#: src/tools/sssctl/sssctl_config.c:85 -#, c-format -msgid "Failed to load configuration configuration from %s.\n" -msgstr "" +#~ msgid "Attribute listing authorized PAM services" +#~ msgstr "Attribut för listning av auktoriserade PAM-tjänster" -#: src/tools/sssctl/sssctl_config.c:91 -msgid "Error while reading configuration directory.\n" -msgstr "" +#~ msgid "Attribute listing authorized server hosts" +#~ msgstr "Attribut för listning av auktoriserade servervärdar" -#: src/tools/sssctl/sssctl_config.c:99 -#, fuzzy -msgid "" -"There is no configuration. SSSD will use default configuration with files " -"provider.\n" -msgstr "" -"Filen %1$s finns inte. SSSD kommer använda standardkonfigurationen med " -"filleverantörer.\n" +#~ msgid "Attribute listing authorized server rhosts" +#~ msgstr "Attribut för listning av auktoriserade server-rhosts" -#: src/tools/sssctl/sssctl_config.c:111 -msgid "Failed to run validators" -msgstr "" +#~ msgid "krbLastPwdChange attribute" +#~ msgstr "attributet krbLastPwdChange" -#: src/tools/sssctl/sssctl_config.c:115 -#, c-format -msgid "Issues identified by validators: %zu\n" -msgstr "Problem identifierade av validerare: %zu\n" +#~ msgid "krbPasswordExpiration attribute" +#~ msgstr "krbPasswordExpiration-attribut" -#: src/tools/sssctl/sssctl_config.c:126 -#, c-format -msgid "Messages generated during configuration merging: %zu\n" -msgstr "Meddelanden genererade under sammanslagning av konfigurationen: %zu\n" +#~ msgid "Attribute indicating that server side password policies are active" +#~ msgstr "Attribut som indikerar att serversidans lösenordspolicyer är aktiva" -#: src/tools/sssctl/sssctl_config.c:137 -#, fuzzy, c-format -msgid "Used configuration snippet files: %zu\n" -msgstr "Använda konfigurationssnuttfiler: %u\n" +#~ msgid "accountExpires attribute of AD" +#~ msgstr "AD:s attribut accountExpires" -#: src/tools/sssctl/sssctl_data.c:89 -#, c-format -msgid "Unable to create backup directory [%d]: %s" -msgstr "Kan inte skapa en katalog för säkerhetskopia [%d]: %s" +#~ msgid "userAccountControl attribute of AD" +#~ msgstr "AD:s attribut userAccountControl" -#: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exists, override?" -msgstr "En SSSD-säkerhetskopia av lokala data finns redan, åsidosätt?" +#~ msgid "nsAccountLock attribute" +#~ msgstr "attributet nsAccountLock" -#: src/tools/sssctl/sssctl_data.c:111 -msgid "Unable to export user overrides\n" -msgstr "Kan inte exportera användaråsidosättanden\n" +#~ msgid "loginDisabled attribute of NDS" +#~ msgstr "NDS attribut loginDisabled" -#: src/tools/sssctl/sssctl_data.c:118 -msgid "Unable to export group overrides\n" -msgstr "Kan inte exportera gruppåsidosättanden\n" +#~ msgid "loginExpirationTime attribute of NDS" +#~ msgstr "NDS attribut loginExpirationTime" -#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 -msgid "Override existing backup" -msgstr "Åsidosätt befintlig säkerhetskopia" +#~ msgid "loginAllowedTimeMap attribute of NDS" +#~ msgstr "NDS attribut loginAllowedTimeMap" -#: src/tools/sssctl/sssctl_data.c:164 -msgid "Unable to import user overrides\n" -msgstr "Kan inte importera användaråsidosättanden\n" +#~ msgid "SSH public key attribute" +#~ msgstr "Attribut för publik SSH-nyckel" -#: src/tools/sssctl/sssctl_data.c:173 -msgid "Unable to import group overrides\n" -msgstr "Kan inte importera gruppåsidosättanden\n" +#~ msgid "attribute listing allowed authentication types for a user" +#~ msgstr "" +#~ "attribut för listning av tillåtna autentiseringstyper för en användare" -#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 -#: src/tools/sssctl/sssctl_domains.c:328 -msgid "Start SSSD if it is not running" -msgstr "Starta SSSD om den inte kör" +#~ msgid "attribute containing the X509 certificate of the user" +#~ msgstr "attribut som innehåller användarens X509-certifikat" -#: src/tools/sssctl/sssctl_data.c:195 -msgid "Restart SSSD after data import" -msgstr "Starta om SSSD efter import av data" +#~ msgid "attribute containing the email address of the user" +#~ msgstr "attribut som innehåller e-postadresser till användaren" -#: src/tools/sssctl/sssctl_data.c:218 -msgid "Create clean cache files and import local data" -msgstr "Skapa rena cachefiler och importera lokala data" +#~ msgid "A list of extra attributes to download along with the user entry" +#~ msgstr "" +#~ "En lista över extra attribut att hämta tillsammans med användarposten" -#: src/tools/sssctl/sssctl_data.c:219 -msgid "Stop SSSD before removing the cache" -msgstr "Stoppa SSSD före cachen tas bort" +#~ msgid "Base DN for group lookups" +#~ msgstr "Bas-DN för gruppuppslagningar" -#: src/tools/sssctl/sssctl_data.c:220 -msgid "Start SSSD when the cache is removed" -msgstr "Starta SSSD när cachen är borttagen" +#~ msgid "Objectclass for groups" +#~ msgstr "Objektklass för grupper" -#: src/tools/sssctl/sssctl_data.c:235 -msgid "Creating backup of local data...\n" -msgstr "Skapa säkerhetskopia av lokala data …\n" +#~ msgid "Group name" +#~ msgstr "Gruppnamn" -#: src/tools/sssctl/sssctl_data.c:238 -msgid "Unable to create backup of local data, can not remove the cache.\n" -msgstr "" -"Kan inte skapa säkerhetskopia av lokala data, kan inte ta bort cachen.\n" +#~ msgid "Group password" +#~ msgstr "Grupplösenord" -#: src/tools/sssctl/sssctl_data.c:243 -msgid "Removing cache files...\n" -msgstr "Tar bort cache-filer …\n" +#~ msgid "GID attribute" +#~ msgstr "GID-attribut" -#: src/tools/sssctl/sssctl_data.c:246 -msgid "Unable to remove cache files\n" -msgstr "Kan inte ta bort cache-filer\n" +#~ msgid "Group member attribute" +#~ msgstr "Gruppmedlemsattribut" -#: src/tools/sssctl/sssctl_data.c:251 -msgid "Restoring local data...\n" -msgstr "Återställer lokala data …\n" +#~ msgid "Group UUID attribute" +#~ msgstr "Grupp-UUID-attribut" -#: src/tools/sssctl/sssctl_domains.c:83 -msgid "Show domain list including primary or trusted domain type" -msgstr "Visa domänlistan inklusive primär eller betrodd domäntyp" +#~ msgid "Modification time attribute for groups" +#~ msgstr "Modifieringstidsattribut för grupper" -#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 -#: src/tools/sssctl/sssctl_user_checks.c:95 -msgid "Unable to connect to system bus!\n" -msgstr "Det går inte att ansluta till systembussen!\n" +#~ msgid "Type of the group and other flags" +#~ msgstr "Typen av grupp och andra flaggor" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Online" -msgstr "Uppkopplad" +#~ msgid "The LDAP group external member attribute" +#~ msgstr "LDAP-gruppens externa medlemsattribut" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Offline" -msgstr "Frånkopplad" +#~ msgid "Maximum nesting level SSSD will follow" +#~ msgstr "Maximal nästlingsnivå SSSD kommer följa" -#: src/tools/sssctl/sssctl_domains.c:167 -#, c-format -msgid "Online status: %s\n" -msgstr "Uppkopplingsstatus: %s\n" +#~ msgid "Base DN for netgroup lookups" +#~ msgstr "Bas-DN för nätgruppuppslagningar" -#: src/tools/sssctl/sssctl_domains.c:213 -#, fuzzy -msgid "This domain has no active servers.\n" -msgstr "Visa information om aktiv server" +#~ msgid "Objectclass for netgroups" +#~ msgstr "Objektklass för nätgrupper" + +#~ msgid "Netgroup name" +#~ msgstr "Nätgruppnamn" + +#~ msgid "Netgroups members attribute" +#~ msgstr "Attribut på nätgruppmedlemmar" -#: src/tools/sssctl/sssctl_domains.c:218 -msgid "Active servers:\n" -msgstr "Aktiva servrar:\n" +#~ msgid "Netgroup triple attribute" +#~ msgstr "Attribut på nätgruppstripplar" -#: src/tools/sssctl/sssctl_domains.c:230 -msgid "not connected" -msgstr "inte ansluten" +#~ msgid "Modification time attribute for netgroups" +#~ msgstr "Modifieringstidsattribut för nätgrupper" -#: src/tools/sssctl/sssctl_domains.c:267 -msgid "No servers discovered.\n" -msgstr "" +#~ msgid "Base DN for service lookups" +#~ msgstr "Bas-DN för tjänsteuppslagningar" -#: src/tools/sssctl/sssctl_domains.c:273 -#, c-format -msgid "Discovered %s servers:\n" -msgstr "Upptäckte %s servrar:\n" +#~ msgid "Objectclass for services" +#~ msgstr "Objektklass för tjänster" -#: src/tools/sssctl/sssctl_domains.c:285 -msgid "None so far.\n" -msgstr "Ingen än så länge.\n" +#~ msgid "Service name attribute" +#~ msgstr "Tjänstenamnsattribut" -#: src/tools/sssctl/sssctl_domains.c:325 -msgid "Show online status" -msgstr "Visa uppkopplingsstatus" +#~ msgid "Service port attribute" +#~ msgstr "Tjänsteportsattribut" -#: src/tools/sssctl/sssctl_domains.c:326 -msgid "Show information about active server" -msgstr "Visa information om aktiv server" +#~ msgid "Service protocol attribute" +#~ msgstr "Tjänsteprotokollsattribut" -#: src/tools/sssctl/sssctl_domains.c:327 -msgid "Show list of discovered servers" -msgstr "Visa lista över upptäckta servrar" +#~ msgid "Lower bound for ID-mapping" +#~ msgstr "Undre gräns för ID-mappning" -#: src/tools/sssctl/sssctl_domains.c:333 -msgid "Specify domain name." -msgstr "Ange domännamn." +#~ msgid "Upper bound for ID-mapping" +#~ msgstr "Övre gräns för ID-mappning" -#: src/tools/sssctl/sssctl_domains.c:355 -msgid "Out of memory!\n" -msgstr "Slut på minne!\n" +#~ msgid "Number of IDs for each slice when ID-mapping" +#~ msgstr "Antal ID:n till varje skiva vid ID-mappning" -#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 -msgid "Unable to get online status\n" -msgstr "Kan inte ta reda på uppkopplingsstatus\n" +#~ msgid "Use autorid-compatible algorithm for ID-mapping" +#~ msgstr "Använd en autorid-kompatibel algoritm för ID-mappning" -#: src/tools/sssctl/sssctl_domains.c:395 -msgid "Unable to get server list\n" -msgstr "Kan inte ta reda på serverlistan\n" +#~ msgid "Name of the default domain for ID-mapping" +#~ msgstr "Standarddomänens namn för ID-mappning" -#: src/tools/sssctl/sssctl_logs.c:47 -msgid "\n" -msgstr "\n" +#~ msgid "SID of the default domain for ID-mapping" +#~ msgstr "Standarddomänens SID för ID-mappning" -#: src/tools/sssctl/sssctl_logs.c:237 -msgid "Delete log files instead of truncating" -msgstr "Radera loggfiler istället för att hugga av" +#~ msgid "Number of secondary slices" +#~ msgstr "Antal sekundära skivor" -#: src/tools/sssctl/sssctl_logs.c:248 -msgid "Deleting log files...\n" -msgstr "Raderar loggfiler …\n" +#~ msgid "Whether to use Token-Groups" +#~ msgstr "Huruvida Token-Groups skall användas" -#: src/tools/sssctl/sssctl_logs.c:251 -msgid "Unable to remove log files\n" -msgstr "Kan inte ta bort loggfiler\n" +#~ msgid "Set lower boundary for allowed IDs from the LDAP server" +#~ msgstr "Sätt undre gräns för tillåtna ID:n från LDAP-servern" -#: src/tools/sssctl/sssctl_logs.c:257 -msgid "Truncating log files...\n" -msgstr "Hugger av loggfiler …\n" +#~ msgid "Set upper boundary for allowed IDs from the LDAP server" +#~ msgstr "Sätt övre gräns för tillåtna ID:n från LDAP-servern" -#: src/tools/sssctl/sssctl_logs.c:260 -msgid "Unable to truncate log files\n" -msgstr "Kan inte hugga av loggfiler\n" +#~ msgid "DN for ppolicy queries" +#~ msgstr "DN för ppolicy-frågor" -#: src/tools/sssctl/sssctl_logs.c:286 -msgid "Out of memory!" -msgstr "Slut på minne!" +#~ msgid "How many maximum entries to fetch during a wildcard request" +#~ msgstr "Hur många poster att maximalt hämta i en joker-begäran" -#: src/tools/sssctl/sssctl_logs.c:289 -#, c-format -msgid "Archiving log files into %s...\n" -msgstr "Arkiverar loggfiler in i %s …\n" +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Policy för att utvärdera utgång av lösenord" -#: src/tools/sssctl/sssctl_logs.c:292 -msgid "Unable to archive log files\n" -msgstr "Kan inte arkivera loggfiler\n" +#~ msgid "Which attributes shall be used to evaluate if an account is expired" +#~ msgstr "Vilka attribut skall användas för att avgöra om ett konto gått ut" -#: src/tools/sssctl/sssctl_logs.c:317 -msgid "Specify debug level you want to set" -msgstr "Ange felsökningsnivå du vill sätta" +#~ msgid "Which rules should be used to evaluate access control" +#~ msgstr "Vilka regler skall användas för att avgöra åtkomstkontroll" -#: src/tools/sssctl/sssctl_user_checks.c:117 -msgid "SSSD InfoPipe user lookup result:\n" -msgstr "Resultat av SSSD InfoPipe-användaruppslagning:\n" +#~ msgid "URI of an LDAP server where password changes are allowed" +#~ msgstr "URI till en LDAP-server där lösenordsändringar är tillåtna" -#: src/tools/sssctl/sssctl_user_checks.c:167 -#, c-format -msgid "dlopen failed with [%s].\n" -msgstr "dlopen misslyckades med [%s].\n" +#~ msgid "URI of a backup LDAP server where password changes are allowed" +#~ msgstr "URI till en reserv-LDAP-server där lösenordsändringar är tillåtna" -#: src/tools/sssctl/sssctl_user_checks.c:174 -#, c-format -msgid "dlsym failed with [%s].\n" -msgstr "dlsym misslyckades med [%s].\n" +#~ msgid "DNS service name for LDAP password change server" +#~ msgstr "DNS-tjänstenamn för LDAP-lösenordsändringsservern" -#: src/tools/sssctl/sssctl_user_checks.c:182 -msgid "malloc failed.\n" -msgstr "malloc misslyckades.\n" +#~ msgid "" +#~ "Whether to update the ldap_user_shadow_last_change attribute after a " +#~ "password change" +#~ msgstr "" +#~ "Huruvida attributet ldap_user_shadow_last_change skall uppdateras efter " +#~ "en ändring av lösenord" -#: src/tools/sssctl/sssctl_user_checks.c:189 -#, c-format -msgid "sss_getpwnam_r failed with [%d].\n" -msgstr "sss_getpwnam_r misslyckades med [%d].\n" +#~ msgid "Base DN for sudo rules lookups" +#~ msgstr "Bas-DN för regeluppslagningar" -#: src/tools/sssctl/sssctl_user_checks.c:194 -msgid "SSSD nss user lookup result:\n" -msgstr "Resultat av SSSD nss-användaruppslagning:\n" +#~ msgid "Automatic full refresh period" +#~ msgstr "Intervall mellan automatisk fullständig omläsning" -#: src/tools/sssctl/sssctl_user_checks.c:195 -#, c-format -msgid " - user name: %s\n" -msgstr " - användarnamn: %s\n" +#~ msgid "Automatic smart refresh period" +#~ msgstr "Intervall mellan automatisk smart omläsning" -#: src/tools/sssctl/sssctl_user_checks.c:196 -#, c-format -msgid " - user id: %d\n" -msgstr " - användar-id: %d\n" +#~ msgid "Whether to filter rules by hostname, IP addresses and network" +#~ msgstr "" +#~ "Huruvida regler skall filtreras efter värdnamn, IP-adresser och nätverk" -#: src/tools/sssctl/sssctl_user_checks.c:197 -#, c-format -msgid " - group id: %d\n" -msgstr " - grupp-id: %d\n" +#~ msgid "" +#~ "Hostnames and/or fully qualified domain names of this machine to filter " +#~ "sudo rules" +#~ msgstr "" +#~ "Värdnamn och/eller fullständigt kvalificerade domännamn på denna maskin " +#~ "för att filtrera sudo-regler" -#: src/tools/sssctl/sssctl_user_checks.c:198 -#, c-format -msgid " - gecos: %s\n" -msgstr " - gecos: %s\n" +#~ msgid "" +#~ "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +#~ msgstr "" +#~ "IPv4- eller IPv6-adresser eller -nätverk för denna maskin för att " +#~ "filtrera sudo-regler" -#: src/tools/sssctl/sssctl_user_checks.c:199 -#, c-format -msgid " - home directory: %s\n" -msgstr " - hemkatalog: %s\n" +#~ msgid "Whether to include rules that contains netgroup in host attribute" +#~ msgstr "" +#~ "Huruvida regler som innehåller nätgrupper i värdattribut skall inkluderas" -#: src/tools/sssctl/sssctl_user_checks.c:200 -#, c-format -msgid "" -" - shell: %s\n" -"\n" -msgstr "" -" - skal: %s\n" -"\n" +#~ msgid "" +#~ "Whether to include rules that contains regular expression in host " +#~ "attribute" +#~ msgstr "" +#~ "Huruvida regler som innehåller reguljära uttryck i värdattribut skall " +#~ "inkluderas" -#: src/tools/sssctl/sssctl_user_checks.c:232 -msgid "PAM action [auth|acct|setc|chau|open|clos], default: " -msgstr "PAM-åtgärd [auth|acct|setc|chau|open|clos], standard: " +#~ msgid "Object class for sudo rules" +#~ msgstr "Objektklass för sudo-regler" -#: src/tools/sssctl/sssctl_user_checks.c:235 -msgid "PAM service, default: " -msgstr "PAM-tjänst, standard: " +#~ msgid "Sudo rule name" +#~ msgstr "Sudo-regelnamn" -#: src/tools/sssctl/sssctl_user_checks.c:240 -msgid "Specify user name." -msgstr "Ange användarnamn." +#~ msgid "Sudo rule command attribute" +#~ msgstr "Attribut för sudo-regelkommandon" -#: src/tools/sssctl/sssctl_user_checks.c:247 -#, c-format -msgid "" -"user: %s\n" -"action: %s\n" -"service: %s\n" -"\n" -msgstr "" -"användare: %s\n" -"åtgärd: %s\n" -"tjänst: %s\n" -"\n" +#~ msgid "Sudo rule host attribute" +#~ msgstr "Attribut för sudo-regelvärd" -#: src/tools/sssctl/sssctl_user_checks.c:252 -#, c-format -msgid "User name lookup with [%s] failed.\n" -msgstr "Användarnamnsuppslagning med [%s] misslyckades.\n" +#~ msgid "Sudo rule user attribute" +#~ msgstr "Attribut för sudo-regelanvändare" -#: src/tools/sssctl/sssctl_user_checks.c:257 -#, c-format -msgid "InfoPipe User lookup with [%s] failed.\n" -msgstr "InfoPipe-användaruppslagning med [%s] misslyckades.\n" +#~ msgid "Sudo rule option attribute" +#~ msgstr "Attribut för sudo-regelflaggor" -#: src/tools/sssctl/sssctl_user_checks.c:263 -#, c-format -msgid "pam_start failed: %s\n" -msgstr "pam_start misslyckades: %s\n" +#~ msgid "Sudo rule runas attribute" +#~ msgstr "Sudo-regel-runas-attribut" -#: src/tools/sssctl/sssctl_user_checks.c:268 -msgid "" -"testing pam_authenticate\n" -"\n" -msgstr "" -"testar pam_authenticate\n" -"\n" +#~ msgid "Sudo rule runasuser attribute" +#~ msgstr "Attribut för sudo-runasuser" -#: src/tools/sssctl/sssctl_user_checks.c:272 -#, c-format -msgid "pam_get_item failed: %s\n" -msgstr "pam_get_item misslyckades: %s\n" +#~ msgid "Sudo rule runasgroup attribute" +#~ msgstr "Attribut på runasgroup i sudo-regel" -#: src/tools/sssctl/sssctl_user_checks.c:275 -#, c-format -msgid "" -"pam_authenticate for user [%s]: %s\n" -"\n" -msgstr "" -"pam_authenticate för användaren [%s]: %s\n" -"\n" +#~ msgid "Sudo rule notbefore attribute" +#~ msgstr "Attribut för sudo-notbefore-regler" -#: src/tools/sssctl/sssctl_user_checks.c:278 -msgid "" -"testing pam_chauthtok\n" -"\n" -msgstr "" -"testar pam_chauthtok\n" -"\n" +#~ msgid "Sudo rule notafter attribute" +#~ msgstr "Attribut för sudo-notafter-regler" -#: src/tools/sssctl/sssctl_user_checks.c:280 -#, c-format -msgid "" -"pam_chauthtok: %s\n" -"\n" -msgstr "" -"pam_chauthtok: %s\n" -"\n" +#~ msgid "Sudo rule order attribute" +#~ msgstr "Attribut för sudo-order-regler" -#: src/tools/sssctl/sssctl_user_checks.c:282 -msgid "" -"testing pam_acct_mgmt\n" -"\n" -msgstr "" -"testar pam_acct_mgmt\n" -"\n" +#~ msgid "Object class for automounter maps" +#~ msgstr "Objektklass för avbildningar för automatmonterare" -#: src/tools/sssctl/sssctl_user_checks.c:284 -#, c-format -msgid "" -"pam_acct_mgmt: %s\n" -"\n" -msgstr "" -"pam_acct_mgmt: %s\n" -"\n" +#~ msgid "Automounter map name attribute" +#~ msgstr "Attribut för namn i avbildningar för automatmonterare" -#: src/tools/sssctl/sssctl_user_checks.c:286 -msgid "" -"testing pam_setcred\n" -"\n" -msgstr "" -"testar pam_setcred\n" -"\n" +#~ msgid "Object class for automounter map entries" +#~ msgstr "Objektklass för poster i avbildningar för automatmonterare" -#: src/tools/sssctl/sssctl_user_checks.c:288 -#, c-format -msgid "" -"pam_setcred: [%s]\n" -"\n" -msgstr "" -"pam_setcred: [%s]\n" -"\n" +#~ msgid "Automounter map entry key attribute" +#~ msgstr "Attribut för postnycklar i avbildningar för automatmonterare" -#: src/tools/sssctl/sssctl_user_checks.c:290 -msgid "" -"testing pam_open_session\n" -"\n" -msgstr "" -"testar pam_open_session\n" -"\n" +#~ msgid "Automounter map entry value attribute" +#~ msgstr "Attribut på postvärde i avbildning för automatmonteraren" -#: src/tools/sssctl/sssctl_user_checks.c:292 -#, c-format -msgid "" -"pam_open_session: %s\n" -"\n" -msgstr "" -"pam_open_session: %s\n" -"\n" +#~ msgid "Base DN for automounter map lookups" +#~ msgstr "Bas-DN för uppslagningar i avbildningar för automatmonterare" -#: src/tools/sssctl/sssctl_user_checks.c:294 -msgid "" -"testing pam_close_session\n" -"\n" -msgstr "" -"testar pam_close_session\n" -"\n" +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Kommaseparerad lista över tillåtna användare" -#: src/tools/sssctl/sssctl_user_checks.c:296 -#, c-format -msgid "" -"pam_close_session: %s\n" -"\n" -msgstr "" -"pam_close_session: %s\n" -"\n" +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Kommaseparerad lista över förbjudna användare" -#: src/tools/sssctl/sssctl_user_checks.c:298 -msgid "unknown action\n" -msgstr "okänd åtgärd\n" +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Standardskal, /bin/bash" -#: src/tools/sssctl/sssctl_user_checks.c:301 -msgid "PAM Environment:\n" -msgstr "PAM-miljö:\n" +#~ msgid "Base for home directories" +#~ msgstr "Bas för hemkataloger" -#: src/tools/sssctl/sssctl_user_checks.c:309 -msgid " - no env -\n" -msgstr " - ingen miljö -\n" +#~ msgid "The number of preforked proxy children." +#~ msgstr "Antal ombudsbarn före grening" -#: src/util/util.h:82 -msgid "The user ID to run the server as" -msgstr "Användar-ID:t att köra servern som" +#~ msgid "The name of the NSS library to use" +#~ msgstr "Namnet på NSS-biblioteket att använda" -#: src/util/util.h:84 -msgid "The group ID to run the server as" -msgstr "Grupp-ID:t att köra servern som" +#~ msgid "Whether to look up canonical group name from cache if possible" +#~ msgstr "Huruvida kanoniska gruppnamn skall slås upp från cachen om möjligt" -#: src/util/util.h:92 -msgid "Informs that the responder has been socket-activated" -msgstr "Informerar att respondenten har blivit uttagsaktiverad" +#~ msgid "PAM stack to use" +#~ msgstr "PAM-stack att använda" -#: src/util/util.h:94 -msgid "Informs that the responder has been dbus-activated" -msgstr "Informerar att respondenten har blivit dbus-aktiverad" +#~ msgid "Path of passwd file sources." +#~ msgstr "Sökväg till lösenordsfilkällor." + +#~ msgid "Path of group file sources." +#~ msgstr "Sökväg till gruppfilkällor." diff --git a/po/tg.po b/po/tg.po index 5009cf304f..af249d6956 100644 --- a/po/tg.po +++ b/po/tg.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:48+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -19,1535 +19,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Номи гурӯҳ" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Пароли гурӯҳ" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "Аттрибути GID" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1587,7 +107,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2400,7 +920,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2577,44 +1097,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2823,3 +1343,12 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Group name" +#~ msgstr "Номи гурӯҳ" + +#~ msgid "Group password" +#~ msgstr "Пароли гурӯҳ" + +#~ msgid "GID attribute" +#~ msgstr "Аттрибути GID" diff --git a/po/tr.po b/po/tr.po index f05e7dca86..18078edba2 100644 --- a/po/tr.po +++ b/po/tr.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:49+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Turkish (http://www.transifex.com/projects/p/sssd/language/" @@ -20,1535 +20,55 @@ msgstr "" "Plural-Forms: nplurals=2; plural=(n > 1);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Servis başlatma komutu" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "En az kullanıcı ID'si" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "En fazla kullanıcı ID'si" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA alanı" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Kerberos sunucu adresi" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1588,7 +108,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2401,7 +921,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2578,44 +1098,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2824,3 +1344,18 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Command to start service" +#~ msgstr "Servis başlatma komutu" + +#~ msgid "Minimum user ID" +#~ msgstr "En az kullanıcı ID'si" + +#~ msgid "Maximum user ID" +#~ msgstr "En fazla kullanıcı ID'si" + +#~ msgid "IPA domain" +#~ msgstr "IPA alanı" + +#~ msgid "Kerberos server address" +#~ msgstr "Kerberos sunucu adresi" diff --git a/po/uk.po b/po/uk.po index 098e0d472d..f0d81ceb01 100644 --- a/po/uk.po +++ b/po/uk.po @@ -14,8 +14,8 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" -"PO-Revision-Date: 2019-08-16 05:48+0000\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" +"PO-Revision-Date: 2019-12-02 08:43+0000\n" "Last-Translator: Yuri Chornoivan \n" "Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/" "uk/)\n" @@ -27,3035 +27,2706 @@ msgstr "" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "Встановити рівень докладності діагностичних записів журналу" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "Додати до діагностичних журналів позначки часу" +#: src/monitor/monitor.c:2371 +msgid "Become a daemon (default)" +msgstr "Запуститися фонову службу (типова поведінка)" -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "Включати мілісекунди до часових позначок у журналах" +#: src/monitor/monitor.c:2373 +msgid "Run interactive (not a daemon)" +msgstr "Запустити у інтерактивному режимі (без фонової служби)" -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "Записувати діагностичні повідомлення до файлів журналу" +#: src/monitor/monitor.c:2376 +msgid "Disable netlink interface" +msgstr "Вимкнути інтерфейс netlink" -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" -"Час очікування відповіді засобу спостереження перед перезапуском служби" +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 +msgid "Specify a non-default config file" +msgstr "Вказати нетиповий файл налаштувань" -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "Команда запуску служби" +#: src/monitor/monitor.c:2380 +msgid "Refresh the configuration database, then exit" +msgstr "Оновити налаштування бази даних, потім вийти" -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "Кількість повторних спроб встановлення з’єднання з надавачами даних" +#: src/monitor/monitor.c:2383 +msgid "Similar to --genconf, but only refreshes the given section" +msgstr "Подібний до --genconf, але оновлює дані лише вказаного розділу" -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "Кількість дескрипторів файлів, які може бути відкрито цим відповідачем" +#: src/monitor/monitor.c:2386 +msgid "Print version number and exit" +msgstr "Вивести номер версії і завершити роботу" -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" -"Проміжок бездіяльності до автоматичного від’єднання клієнтської частини" +#: src/monitor/monitor.c:2532 +msgid "SSSD is already running\n" +msgstr "SSSD вже запущено\n" -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "Проміжок бездіяльності до автоматичного вимикання відповідача" +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 +msgid "Debug level" +msgstr "Рівень зневаджування" -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "Завжди опитувати усі кеші до опитування засобів надання даних" +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 +msgid "Add debug timestamps" +msgstr "Додавати діагностичні часові позначки" -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "Служби SSSD, які слід запустити" +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 +msgid "Show timestamps with microseconds" +msgstr "Показувати мікросекунди у часових позначках" -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "Домени SSSD, які слід запустити" +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 +msgid "An open file descriptor for the debug logs" +msgstr "Дескриптор відкритого файла для запису журналів діагностики" -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "Час очікування для повідомлень, надісланих за допомогою SBUS" +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 +msgid "Send the debug output to stderr directly." +msgstr "Надіслати діагностичну інформацію безпосередньо до stderr." -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "Формальний вираз для обробки імені користувача і домену" +#: src/providers/krb5/krb5_child.c:3245 +msgid "The user to create FAST ccache as" +msgstr "Користувач, від імені якого слід створити ccache FAST" -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "Сумісний з printf формат показу повних назв" +#: src/providers/krb5/krb5_child.c:3247 +msgid "The group to create FAST ccache as" +msgstr "Група, від імені якої слід створити ccache FAST" -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"Каталог у файловій системі, де SSSD має зберігати файли кешу відтворення " -"Kerberos." +#: src/providers/krb5/krb5_child.c:3249 +msgid "Kerberos realm to use" +msgstr "Область Kerberos, якою слід скористатися" -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "Домен, який слід додати до назв без компонента домену." +#: src/providers/krb5/krb5_child.c:3251 +msgid "Requested lifetime of the ticket" +msgstr "Запитаний строк дії квитка" -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "Користувач, привілеї якого слід скинути" +#: src/providers/krb5/krb5_child.c:3253 +msgid "Requested renewable lifetime of the ticket" +msgstr "Запитаний час оновлення строку дії квитка" -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "Скоригувати перевірку сертифікатів" +#: src/providers/krb5/krb5_child.c:3255 +msgid "FAST options ('never', 'try', 'demand')" +msgstr "Параметри FAST ('never', 'try', 'demand')" -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" +#: src/providers/krb5/krb5_child.c:3258 +msgid "Specifies the server principal to use for FAST" msgstr "" -"Усі пробіли у назвах груп і іменах користувачів буде замінено на цей символ" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "Налаштувати sssd на врахування або ігнорування змін стану netlink" +"Визначає реєстраційний запис сервера, який слід використовувати для FAST" -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "Увімкнути або вимкнути домен неявних файлів" +#: src/providers/krb5/krb5_child.c:3260 +msgid "Requests canonicalization of the principal name" +msgstr "Вимагає перетворення реєстраційного запису у канонічну форму" -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "Певний порядок доменів, у якому їх слід використовувати для пошуку" +#: src/providers/krb5/krb5_child.c:3262 +msgid "Use custom version of krb5_get_init_creds_password" +msgstr "Використовувати нетипову версію krb5_get_init_creds_password" -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "Тривалість часу очікування на дані кешу нумерування (у секундах)" +#: src/providers/data_provider_be.c:674 +msgid "Domain of the information provider (mandatory)" +msgstr "Домен надання відомостей (обов’язковий)" -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "Час очікування на фонове оновлення кешу записів (у секундах)" +#: src/sss_client/common.c:1079 +msgid "Privileged socket has wrong ownership or permissions." +msgstr "У привілейованого сокета помилковий власник або права доступу." -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "Від’ємний час очікування на дані з кешу (у секундах)" +#: src/sss_client/common.c:1082 +msgid "Public socket has wrong ownership or permissions." +msgstr "У відкритого сокета помилковий власник або права доступу." -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "Від’ємний час очікування на дані з кешу файлів (у секундах)" +#: src/sss_client/common.c:1085 +msgid "Unexpected format of the server credential message." +msgstr "Некоректний формат повідомлення щодо реєстраційних даних сервера." -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "Користувачі, яких SSSD має явно ігнорувати" +#: src/sss_client/common.c:1088 +msgid "SSSD is not run by root." +msgstr "SSSD запущено не від імені користувача root." -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "Групи користувачів, які SSSD має явно ігнорувати" +#: src/sss_client/common.c:1091 +msgid "SSSD socket does not exist." +msgstr "Сокета SSSD не існує." -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "Чи слід показувати відфільтрованих користувачів у групах" +#: src/sss_client/common.c:1094 +msgid "Cannot get stat of SSSD socket." +msgstr "Не вдалося отримати статистику щодо сокета SSSD." -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "Значення поля пароля, яке має повертати постачальник даних NSS" +#: src/sss_client/common.c:1099 +msgid "An error occurred, but no description can be found." +msgstr "Сталася помилка, але не вдалося знайти її опису." -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" -"Замінити значення назви домашнього каталогу від надавача профілю цим " -"значенням" +#: src/sss_client/common.c:1105 +msgid "Unexpected error while looking for an error description" +msgstr "Неочікувана помилка під час пошуку опису помилки" -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" -"Замінювати порожні значення домашніх каталогів у засобі надання даних " -"профілів цим значенням" +#: src/sss_client/pam_sss.c:68 +msgid "Permission denied. " +msgstr "Відмовлено у доступі. " -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "Замінити значення оболонки від надавача профілю цим значенням" +#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 +#: src/sss_client/pam_sss.c:790 +msgid "Server message: " +msgstr "Повідомлення сервера: " -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "Список оболонок, за допомогою яких можуть входити користувачі" +#: src/sss_client/pam_sss.c:297 +msgid "Passwords do not match" +msgstr "Паролі не збігаються" -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "Список оболонок, які буде заборонено і замінено резервною оболонкою" +#: src/sss_client/pam_sss.c:485 +msgid "Password reset by root is not supported." +msgstr "Підтримки скидання пароля користувачем root не передбачено." -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" -"Якщо оболонка, що зберігається у центральному каталозі дозволена, але " -"недоступна, використовувати цю резервну" +#: src/sss_client/pam_sss.c:526 +msgid "Authenticated with cached credentials" +msgstr "Розпізнано за реєстраційними даними з кешу" -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "Оболонка, яку слід використовувати, якщо засіб не надає жодної" +#: src/sss_client/pam_sss.c:527 +msgid ", your cached password will expire at: " +msgstr ", строк дії вашого кешованого пароля завершиться: " -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "Строк дії записів кешу у пам’яті" +#: src/sss_client/pam_sss.c:557 +#, c-format +msgid "Your password has expired. You have %1$d grace login(s) remaining." +msgstr "Строк дії вашого пароля вичерпано. Залишилося %1$d резервних входи." -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" -"Список атрибутів запису користувача, які може оприлюднювати відповідач NSS" +#: src/sss_client/pam_sss.c:603 +#, c-format +msgid "Your password will expire in %1$d %2$s." +msgstr "Строк дії вашого пароля завершиться за %1$d %2$s." -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" -"Тривалість зберігання кешованих реєстраційних даних між входами до системи " -"(у днях)" +#: src/sss_client/pam_sss.c:652 +msgid "Authentication is denied until: " +msgstr "Розпізнавання заборонено до: " -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "Макс. дозволена кількість помилкових спроб входу у автономному режимі" +#: src/sss_client/pam_sss.c:673 +msgid "System is offline, password change not possible" +msgstr "Система працює у автономному режимі, зміна пароля неможлива" -#: src/config/SSSDConfig/__init__.py.in:93 +#: src/sss_client/pam_sss.c:688 msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" +"After changing the OTP password, you need to log out and back in order to " +"acquire a ticket" msgstr "" -"Тривалість (у хвилинах) заборони входу після досягнення значення " -"offline_failed_login_attempts" +"Після зміни пароля OTP вам слід вийти із системи і увійти до неї знову, щоб " +"отримати про квиток" -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "Тип повідомлень, які буде показано користувачеві під час розпізнавання" +#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 +msgid "Password change failed. " +msgstr "Спроба зміни пароля зазнала невдачі. " -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "Фільтрувати відповіді PAM, які надіслано pam_sss" +#: src/sss_client/pam_sss.c:2008 +msgid "New Password: " +msgstr "Новий пароль: " -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" -"Тривалість (у секундах) зберігання даних щодо розпізнавання у кеші для " -"запитів PAM" +#: src/sss_client/pam_sss.c:2009 +msgid "Reenter new Password: " +msgstr "Ще раз введіть новий пароль: " -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" -"Визначає кількість днів між днем, коли має бути показано попередження, і " -"днем, коли завершиться строк дії пароля" +#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 +msgid "First Factor: " +msgstr "Перший фактор:" -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "Список надійних UUID або імен користувачів" +#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 +msgid "Second Factor (optional): " +msgstr "Другий фактор (необов'язковий): " -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" -"Список доменів, доступ до яких відкрито навіть для ненадійних користувачів." +#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 +msgid "Second Factor: " +msgstr "Другий фактор:" -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" -"Повідомлення, яке буде виведено, коли строк дії облікового запису " -"користувача буде завершено." +#: src/sss_client/pam_sss.c:2190 +msgid "Password: " +msgstr "Пароль: " -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" -"Повідомлення, яке буде виведено, коли обліковий запис користувача буде " -"заблоковано." +#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 +msgid "First Factor (Current Password): " +msgstr "Перший фактор (поточний пароль): " -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "Дозволити розпізнавання за сертифікатом або смарткарткою." +#: src/sss_client/pam_sss.c:2349 +msgid "Current Password: " +msgstr "Поточний пароль: " -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "Шлях до бази даних сертифікатів із модулями PKCS#11." +#: src/sss_client/pam_sss.c:2704 +msgid "Password expired. Change your password now." +msgstr "Строк дії пароля вичерпано. Змініть ваш пароль." -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" -"Час у секундах, протягом якого pam_sss очікуватиме на завершення роботи " -"p11_child" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 +#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 +#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 +#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 +#: src/tools/sss_cache.c:719 +msgid "The debug level to run with" +msgstr "Рівень діагностики під час запуску" -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" -"Визначає, яким службам PAM дозволено встановлювати з'єднання із доменами " -"програм" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 +msgid "The SSSD domain to use" +msgstr "Домен SSSD, який слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "Дозволені служби для використання смарт-карток" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 +#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 +#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 +#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 +#: src/tools/sss_cache.c:765 +msgid "Error setting the locale\n" +msgstr "Помилка під час спроби встановити локаль\n" -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "Додатковий час очікування на картку, якщо надійде запит" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 +msgid "Not enough memory\n" +msgstr "Недостатньо пам’яті\n" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" -"Адреса PKCS#11 для обмеження переліку пристроїв для розпізнавання за смарт-" -"карткою" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 +msgid "User not specified\n" +msgstr "Не вказано користувача\n" -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" -"Визначає, чи слід обробляти атрибути правил sudo, пов’язані з часовими " -"обмеженнями" +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 +msgid "Error looking up public keys\n" +msgstr "Помилка під час спроби пошуку відкритих ключів\n" -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" -"Якщо має значення true, SSSD перемикнеться на логіку упорядковування менший-" -"кращий" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 +msgid "The port to use to connect to the host" +msgstr "Порт, яким слід користуватися для встановлення з’єднань з вузлом" -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" -"Максимальна кількість правил, які може бути одночасно оновлено. Якщо цю " -"кількість буде перевищено, буде виконано повне оновлення." +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 +msgid "Print the host ssh public keys" +msgstr "Вивести відкриті ключі SSH вузла" -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "Чи слід хешувати назви та адреси вузлів у файлі known_hosts" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 +msgid "Invalid port\n" +msgstr "Некоректний порт.\n" -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" -"Кількість секунд, протягом яких запису вузла зберігатиметься у файлі " -"known_hosts після надсилання запиту щодо ключів вузла" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 +msgid "Host not specified\n" +msgstr "Не вказано вузол\n" -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "Шлях до сховища надійних сертифікатів служб сертифікації (CA)" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 +msgid "The path to the proxy command must be absolute\n" +msgstr "Має бути вказано абсолютний шлях до команди проксі-сервера\n" -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 +#, c-format +msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" +msgstr "sss_ssh_knownhostsproxy: не вдалося визначити назву вузла %s\n" -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" +#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 +msgid "The UID of the user" +msgstr "Ідентифікатор користувача" -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" -"Список унікальних ідентифікаторів (UID) або імен користувачів, яким надано " -"доступ до відповідача PAC" +#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 +msgid "The comment string" +msgstr "Рядок коментаря" -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "Час, протягом якого дані PAC вважатимуться чинними" +#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 +msgid "Home directory" +msgstr "Домашній каталог" -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" -"Список унікальних ідентифікаторів (UID) або імен користувачів, яким надано " -"доступ до відповідача InfoPipe" +#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 +msgid "Login shell" +msgstr "Оболонка входу" -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "Список атрибутів запису користувача, які може оприлюднювати InfoPipe" +#: src/tools/sss_useradd.c:53 +msgid "Groups" +msgstr "Групи" -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "Модуль надання даних, у якому будуть зберігатися реєстраційні дані" +#: src/tools/sss_useradd.c:54 +msgid "Create user's directory if it does not exist" +msgstr "Створити каталог користувача, якщо його ще не існує" -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "Максимальна дозволена кількість вкладених контейнерів" +#: src/tools/sss_useradd.c:55 +msgid "Never create user's directory, overrides config" +msgstr "Ніколи не створювати каталог користувача, перевизначає налаштування" -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "Максимальна кількість записів реєстраційних даних, які можна зберігати" +#: src/tools/sss_useradd.c:56 +msgid "Specify an alternative skeleton directory" +msgstr "Вказати альтернативний основний каталог" -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" -"Максимальна кількість записів реєстраційних даних, які можна зберігати за UID" +#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 +msgid "The SELinux user for user's login" +msgstr "Ім’я користувача SELinux для входу до системи" -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "Максимальний обсяг запису реєстраційних даних у кілобайтах" +#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 +#: src/tools/sss_usermod.c:92 +msgid "Specify group to add to\n" +msgstr "Вкажіть групу для додавання\n" -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "Адреса, на якій очікує дані сервер Custodia" +#: src/tools/sss_useradd.c:111 +msgid "Specify user to add\n" +msgstr "Вкажіть користувача, запис якого слід додати\n" -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "Спосіб розпізнавання сервером Custodia" +#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 +#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 +#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 +#: src/tools/sss_usermod.c:162 +msgid "Error initializing the tools - no local domain\n" +msgstr "Помилка ініціалізації інструментів: немає локального домену\n" -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" -"Назва заголовків, які буде додано до запиту HTTP зі значенням, яке визначено " -"в auth_header_value" +#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 +#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 +#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 +#: src/tools/sss_usermod.c:164 +msgid "Error initializing the tools\n" +msgstr "Помилка ініціалізації інструментів\n" -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "Значення, яке sssd-secrets має використовувати для auth_header_name" +#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 +#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 +#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 +#: src/tools/sss_usermod.c:173 +msgid "Invalid domain specified in FQDN\n" +msgstr "У FQDN вказано некоректний домен\n" -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" -"Список заголовків, які слід переспрямувати до сервера Custodia разом із " -"запитом" +#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 +#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 +#: src/tools/sss_usermod.c:226 +msgid "Internal error while parsing parameters\n" +msgstr "Внутрішня помилка під час обробки параметрів\n" -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" -"Ім'я користувача, яким слід скористатися для розпізнавання на сервері " -"Custodia з використанням basic_auth" +#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 +#: src/tools/sss_usermod.c:235 +msgid "Groups must be in the same domain as user\n" +msgstr "Групи мають належати до того самого домену, що і користувач\n" -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" -"Пароль, яким слід скористатися для розпізнавання на сервері Custodia з " -"використанням basic_auth" +#: src/tools/sss_useradd.c:159 +#, c-format +msgid "Cannot find group %1$s in local domain\n" +msgstr "Не вдалося знайти групу %1$s у локальному домені\n" -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" -"Якщо має значення true, сертифікат вузла перевірятиметься, якщо proxy_url " -"використовує протокол https" +#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 +msgid "Cannot set default values\n" +msgstr "Не вдалося встановити типові значення\n" -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" +#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 +msgid "The selected UID is outside the allowed range\n" msgstr "" -"Якщо має значення false, сертифікат вузла може містити іншу назву вузла ніж " -"proxy_url, якщо використано протокол https" +"Вибраний ідентифікатор користувача не належить до діапазону дозволених\n" + +#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 +msgid "Cannot set SELinux login context\n" +msgstr "Не вдалося встановити контекст входу SELinux\n" -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "Шлях до каталогу, у якому зберігаються сертифікати служби сертифікації" +#: src/tools/sss_useradd.c:224 +msgid "Cannot get info about the user\n" +msgstr "Не вдалося отримати відомості щодо користувача\n" -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" +#: src/tools/sss_useradd.c:236 +msgid "User's home directory already exists, not copying data from skeldir\n" msgstr "" -"Шлях до файла, у якому міститься сертифікат служби сертифікації (CA) сервера" +"Домашній каталог користувача вже існує, копіювання даних з каталогу skel не " +"виконуватиметься\n" + +#: src/tools/sss_useradd.c:239 +#, c-format +msgid "Cannot create user's home directory: %1$s\n" +msgstr "Не вдалося створити домашній каталог користувача: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "Шлях до файла, у якому міститься сертифікат клієнта" +#: src/tools/sss_useradd.c:250 +#, c-format +msgid "Cannot create user's mail spool: %1$s\n" +msgstr "Не вдалося створити поштовий буфер користувача: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "Шлях до файла, у якому міститься закритий ключ клієнта" +#: src/tools/sss_useradd.c:270 +msgid "Could not allocate ID for the user - domain full?\n" +msgstr "" +"Не вдалося отримати ідентифікатор для користувача. Домен переповнено?\n" -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "Служба профілів" +#: src/tools/sss_useradd.c:274 +msgid "A user or group with the same name or ID already exists\n" +msgstr "" +"Вже існує користувач або група з таким самим іменем, назвою або " +"ідентифікатором\n" -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "Служба розпізнавання" +#: src/tools/sss_useradd.c:280 +msgid "Transaction error. Could not add user.\n" +msgstr "Помилка під час виконання операції. Не вдалося додати користувача.\n" -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "Служба керування доступом" +#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 +msgid "The GID of the group" +msgstr "Ідентифікатор групи" -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "Служба зміни паролів" +#: src/tools/sss_groupadd.c:76 +msgid "Specify group to add\n" +msgstr "Вкажіть групу, яку слід додати\n" -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "Служба SUDO" +#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 +msgid "The selected GID is outside the allowed range\n" +msgstr "Вибраний ідентифікатор групи не належить до діапазону дозволених\n" -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "Служба автоматизації файлових систем" +#: src/tools/sss_groupadd.c:143 +msgid "Could not allocate ID for the group - domain full?\n" +msgstr "Не вдалося отримати ідентифікатор для групи. Домен переповнено?\n" -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "Служба профілів вузлів" +#: src/tools/sss_groupadd.c:147 +msgid "A group with the same name or GID already exists\n" +msgstr "Вже існує група з такою самою назвою або ідентифікатором\n" -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "Надавач даних SELinux" +#: src/tools/sss_groupadd.c:153 +msgid "Transaction error. Could not add group.\n" +msgstr "Помилка під час виконання операції Не вдалося додати групу.\n" -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "Засіб керування сеансами" +#: src/tools/sss_groupdel.c:70 +msgid "Specify group to delete\n" +msgstr "Вкажіть групу, яку слід вилучити\n" -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" -"Визначає, чи можна використовувати домен у операційній системі або у " -"програмах" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "Мін. ідентифікатор користувача" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "Макс. ідентифікатор користувача" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "Увімкнути нумерацію всіх користувачів/груп" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "Кешувати реєстраційні дані для автономного входу" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "Показувати записи користувачів/груп повністю" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "Не включати учасників групи у пошуки групи" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "Тривалість кешування записів (у секундах)" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" -"Обмежити або надавати перевагу певному сімейству адрес під час виконання " -"пошуків DNS" +#: src/tools/sss_groupdel.c:104 +#, c-format +msgid "Group %1$s is outside the defined ID range for domain\n" +msgstr "Група %1$s не належить визначеному діапазону ідентифікаторів домену\n" -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" +#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 +#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 +#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 +#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 +#, c-format +msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" msgstr "" -"Тривалість зберігання кешованих записів після останнього успішного входу (у " -"днях)" +"Спроба запиту NSS зазнала невдачі (%1$d). Запис може залишитися у кеші у " +"пам’яті.\n" -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/tools/sss_groupdel.c:132 msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" -"Гранична тривалість спроби обмінятися даними SSSD з окремим сервером DNS, " -"перш ніж програма спробує наступний сервер (у мілісекундах)" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "Гранична тривалість спроби обробки окремого запиту DNS (у секундах)" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" +"No such group in local domain. Removing groups only allowed in local " +"domain.\n" msgstr "" -"Тривалість очікування на відповідь від DNS під час визначення адрес серверів " -"(у секундах)" +"У локальному домені немає такої групи. Вилучення груп можливе лише у межах " +"локального домену.\n" -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "Частина запиту щодо виявлення служби DNS, пов’язана з доменом" +#: src/tools/sss_groupdel.c:137 +msgid "Internal error. Could not remove group.\n" +msgstr "Внутрішня помилка. Не вдалося вилучити запис групи.\n" -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" -"Замінити значення ідентифікатора групи від надавача профілю цим значенням" +#: src/tools/sss_groupmod.c:44 +msgid "Groups to add this group to" +msgstr "Групи, до яких слід додати цю групу" -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "Враховувати регістр у іменах користувачів" +#: src/tools/sss_groupmod.c:46 +msgid "Groups to remove this group from" +msgstr "Групи, з яких слід вилучити цю групу" -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "Наскільки часто має виконувати оновлення у тлі застарілих записів" +#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 +msgid "Specify group to remove from\n" +msgstr "Вкажіть групу, запис якої слід вилучити\n" -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "Визначає, чи слід автоматично оновлювати запис DNS клієнта" +#: src/tools/sss_groupmod.c:101 +msgid "Specify group to modify\n" +msgstr "Вкажіть групу, запис якої слід змінити\n" -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" +#: src/tools/sss_groupmod.c:130 +msgid "" +"Cannot find group in local domain, modifying groups is allowed only in local " +"domain\n" msgstr "" -"TTL, який слід застосовувати до запису DNS клієнта після його оновлення" +"Не вдалося знайти групу у локальному домені. Зміну записів груп можна " +"виконувати лише у межах локального домену\n" -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" +#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 +msgid "Member groups must be in the same domain as parent group\n" msgstr "" -"Інтерфейс, чию адресу IP має бути використано для динамічних оновлень DNS" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "Визначає, наскільки часто слід періодично оновлювати запис DNS клієнта" +"Групи-учасники мають належати до того самого домену, що і основна група\n" -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" +#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 +#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 +#, c-format +msgid "" +"Cannot find group %1$s in local domain, only groups in local domain are " +"allowed\n" msgstr "" -"Визначає, чи слід надавачу даних також явним чином оновлювати запис PTR" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "Визначає, чи слід програмі nsupdate типово використовувати TCP" +"Не вдалося знайти групу %1$s у локальному домені, можна використовувати лише " +"групи з локального домену\n" -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" +#: src/tools/sss_groupmod.c:257 +msgid "Could not modify group - check if member group names are correct\n" msgstr "" -"Визначає тип розпізнавання, який слід використовувати для виконання " -"оновлення DNS" +"Не вдалося змінити запис групи. Перевірте, чи правильно вказано назви груп-" +"учасників\n" -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" +#: src/tools/sss_groupmod.c:261 +msgid "Could not modify group - check if groupname is correct\n" msgstr "" -"Перевизначити сервер DNS, який використовуватиметься для виконання оновлення " -"DNS" +"Не вдалося змінити запис групи. Перевірте, чи правильно вказано назву групи\n" -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "Керувати нумерацією надійних доменів" +#: src/tools/sss_groupmod.c:265 +msgid "Transaction error. Could not modify group.\n" +msgstr "Помилка під час виконання операції Не вдалося змінити групу.\n" -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "Частота оновлення списку піддоменів" +#: src/tools/sss_groupshow.c:616 +msgid "Magic Private " +msgstr "Магічна приватна " -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "Список параметрів, які має бути успадковано у піддомені" +#: src/tools/sss_groupshow.c:615 +#, c-format +msgid "%1$s%2$sGroup: %3$s\n" +msgstr "%1$s%2$sГрупа: %3$s\n" -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "Типове значення домашнього каталогу для піддоменів" +#: src/tools/sss_groupshow.c:618 +#, c-format +msgid "%1$sGID number: %2$d\n" +msgstr "%1$sНомер GID: %2$d\n" -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" -"Строк, протягом якого кешовані реєстраційні дані може бути використано для " -"розпізнавання за кешем" +#: src/tools/sss_groupshow.c:620 +#, c-format +msgid "%1$sMember users: " +msgstr "%1$sКористувачі-учасники: " -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" +#: src/tools/sss_groupshow.c:627 +#, c-format +msgid "" +"\n" +"%1$sIs a member of: " msgstr "" -"Визначає, чи слід автоматично створювати приватні групи для користувачів" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "Домен IPA" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "Адреса сервера IPA" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "Адреса резервного сервера IPA" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "Назва вузла клієнта IPA" +"\n" +"%1$sє учасником: " -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#: src/tools/sss_groupshow.c:634 +#, c-format +msgid "" +"\n" +"%1$sMember groups: " msgstr "" -"Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у " -"FreeIPA" +"\n" +"%1$sГрупи-учасники: " -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "Шукати у базі об’єкти, пов’язані з HBAC" +#: src/tools/sss_groupshow.c:670 +msgid "Print indirect group members recursively" +msgstr "Виводити дані щодо непрямих учасників групи рекурсивно" -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" -"Інтервал часу між послідовними сеансами пошуку правил HBAC на сервері IPA" +#: src/tools/sss_groupshow.c:704 +msgid "Specify group to show\n" +msgstr "Вкажіть групу, дані якої слід показати\n" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/tools/sss_groupshow.c:744 msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "Час, у секундах, між пошуками у картах SELinux на сервері IPA" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" +"No such group in local domain. Printing groups only allowed in local " +"domain.\n" msgstr "" -"Якщо встановлено значення «false», аргумент вузла, наданий PAM, буде " -"проігноровано" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "Адреса автоматичного монтування, яку використовує цей клієнт IPA" +"У локальному домені немає такої групи. Вивід даних груп можливий лише у " +"межах локального домену.\n" -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "Шукати у базі об’єкт, що містить дані щодо домену IPA" +#: src/tools/sss_groupshow.c:749 +msgid "Internal error. Could not print group.\n" +msgstr "Внутрішня помилка. Не вдалося вивести дані групи.\n" -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "Шукати у базі об’єкти, що містять дані щодо діапазонів ідентифікаторів" +#: src/tools/sss_userdel.c:138 +msgid "Remove home directory and mail spool" +msgstr "Вилучити домашній каталог і поштовий буфер" -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "Увімкнути сайти DNS — визначення служб на основі адрес" +#: src/tools/sss_userdel.c:140 +msgid "Do not remove home directory and mail spool" +msgstr "Не вилучати домашній каталог і поштовий буфер" -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "Шукати у базі контейнери перегляду" +#: src/tools/sss_userdel.c:142 +msgid "Force removal of files not owned by the user" +msgstr "Примусово вилучити файли, які не належать користувачеві" -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "Клас об’єктів для контейнерів перегляду" +#: src/tools/sss_userdel.c:144 +msgid "Kill users' processes before removing him" +msgstr "Припинити роботу процесів користувача перед вилученням його запису" -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "Атрибут із назвою перегляду" +#: src/tools/sss_userdel.c:190 +msgid "Specify user to delete\n" +msgstr "Вкажіть користувача, запис якого слід вилучити\n" -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "Клас об’єктів для об’єктів перевизначення" +#: src/tools/sss_userdel.c:236 +#, c-format +msgid "User %1$s is outside the defined ID range for domain\n" +msgstr "" +"Користувач %1$s не належить визначеному діапазону ідентифікаторів домену\n" -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "Атрибут із посиланням на початковий об’єкт" +#: src/tools/sss_userdel.c:261 +msgid "Cannot reset SELinux login context\n" +msgstr "Не вдалося відновити початковий контекст входу SELinux\n" -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "Клас об’єктів для об’єктів перевизначення користувачів" +#: src/tools/sss_userdel.c:273 +#, c-format +msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" +msgstr "" +"ПОПЕРЕДЖЕННЯ: користувач (uid %1$lu) все ще працював у системі на час " +"вилучення його запису.\n" -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "Клас об’єктів для об’єктів перевизначення груп" +#: src/tools/sss_userdel.c:278 +msgid "Cannot determine if the user was logged in on this platform" +msgstr "" +"Не вдалося визначити, чи увійшов користувач до системи на цій платформі" -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "Шукати у базі пов'язані і профілями станцій об'єкти" +#: src/tools/sss_userdel.c:283 +msgid "Error while checking if the user was logged in\n" +msgstr "Помилка під час перевірки входу користувача до системи\n" -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" -"Час, у секундах, між пошуками у правилах профілів станцій на сервері IPA" +#: src/tools/sss_userdel.c:290 +#, c-format +msgid "The post-delete command failed: %1$s\n" +msgstr "Помилка команди, яку слід було виконати після вилучення запису: %1$s\n" + +#: src/tools/sss_userdel.c:310 +msgid "Not removing home dir - not owned by user\n" +msgstr "Домашній каталог не буде вилучено. Він не належить користувачеві.\n" + +#: src/tools/sss_userdel.c:312 +#, c-format +msgid "Cannot remove homedir: %1$s\n" +msgstr "Не вдалося вилучити домашній каталог: %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/tools/sss_userdel.c:326 msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" +"No such user in local domain. Removing users only allowed in local domain.\n" msgstr "" -"Час, у хвилинах, між пошуками у правилах профілів станцій на сервері IPA, " -"якщо під час останнього запиту не було знайдено жодного правила" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "Домен Active Directory" +"У локальному домені немає такого користувача. Вилучення користувачів можливе " +"лише у межах локального домену.\n" -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "Увімкнені домени Active Directory" +#: src/tools/sss_userdel.c:331 +msgid "Internal error. Could not remove user.\n" +msgstr "Внутрішня помилка Не вдалося вилучити запис користувача.\n" -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "Адреса сервера Active Directory" +#: src/tools/sss_usermod.c:49 +msgid "The GID of the user" +msgstr "Ідентифікатор групи користувача" -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "Адреса резервного сервера Active Directory" +#: src/tools/sss_usermod.c:53 +msgid "Groups to add this user to" +msgstr "Групи, до яких слід додати цього користувача" -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "Назва клієнтського вузла Active Directory" +#: src/tools/sss_usermod.c:54 +msgid "Groups to remove this user from" +msgstr "Групи, з яких слід вилучити цього користувача" -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "Фільтр LDAP для визначення прав доступу" +#: src/tools/sss_usermod.c:55 +msgid "Lock the account" +msgstr "Заблокувати обліковий запис" -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "Чи слід використовувати загальний каталог для пошуку" +#: src/tools/sss_usermod.c:56 +msgid "Unlock the account" +msgstr "Розблокувати обліковий запис" -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "Режим роботи для керування доступом на основі GPO" +#: src/tools/sss_usermod.c:57 +msgid "Add an attribute/value pair. The format is attrname=value." +msgstr "Додати пару атрибут-значення. Форматування: атрибут=значення." -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" -"Інтервал часу між послідовними сеансами пошуку правил GPO на сервері AD" +#: src/tools/sss_usermod.c:58 +msgid "Delete an attribute/value pair. The format is attrname=value." +msgstr "Вилучити пару атрибут-значення. Форматування: атрибут=значення." -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/tools/sss_usermod.c:59 msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" +"Set an attribute to a name/value pair. The format is attrname=value. For " +"multi-valued attributes, the command replaces the values already present" msgstr "" -"Назви служб PAM, які виконують прив’язування до параметрів правил GPO " -"(Deny)InteractiveLogonRight" +"Встановити для вказаного за назвою атрибута значення. Форматування: " +"атрибут=значення. Для атрибутів з декількома значеннями команда призведе до " +"заміни поточних значень." -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" -"Назви служб PAM, які виконують прив’язування до параметрів правил GPO " -"(Deny)RemoteInteractiveLogonRight" +#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 +#: src/tools/sss_usermod.c:135 +msgid "Specify the attribute name/value pair(s)\n" +msgstr "Вказати пари атрибут-значення\n" -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" -"Назви служб PAM, які виконують прив’язування до параметрів правил GPO " -"(Deny)NetworkLogonRight" +#: src/tools/sss_usermod.c:152 +msgid "Specify user to modify\n" +msgstr "Вкажіть користувача, запис якого слід змінити\n" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/tools/sss_usermod.c:180 msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" +"Cannot find user in local domain, modifying users is allowed only in local " +"domain\n" msgstr "" -"Назви служб PAM, які виконують прив’язування до параметрів правил GPO " -"(Deny)BatchLogonRight" +"Не вдалося знайти користувача у локальному домені. Зміну записів " +"користувачів можна виконувати лише у межах локального домену\n" -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" +#: src/tools/sss_usermod.c:322 +msgid "Could not modify user - check if group names are correct\n" msgstr "" -"Назви служб PAM, які виконують прив’язування до параметрів правил GPO " -"(Deny)ServiceLogonRight" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "Назви служб PAM, яким завжди надається доступ на основі GPO" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "Назви служб PAM, яким ніколи не надається доступ на основі GPO" +"Не вдалося змінити запис користувача. Перевірте, чи правильно вказано назви " +"груп\n" -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" +#: src/tools/sss_usermod.c:326 +msgid "Could not modify user - user already member of groups?\n" msgstr "" -"Типове правило входу (або допуск/заборона), яким слід користуватися для " -"неприв’язаних назв служб PAM" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "певний сайт, який слід використовувати клієнту" +"Не вдалося змінити запис користувача. Користувач вже є учасником груп?\n" -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" +#: src/tools/sss_usermod.c:330 +msgid "Transaction error. Could not modify user.\n" msgstr "" -"Максимальний вік пароля облікового запису комп'ютера, при досягненні якого " -"пароль має бути оновлено" +"Помилка під час виконання операції. Не вдалося змінити запис користувача.\n" -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" -"Параметр налаштовування завдання оновлення облікових записів комп’ютерів" +#: src/tools/sss_cache.c:245 +msgid "No cache object matched the specified search\n" +msgstr "Вказаному критерію пошуку не відповідає жоден об’єкт у кеші\n" -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Адреса сервера Kerberos" +#: src/tools/sss_cache.c:536 +#, c-format +msgid "Couldn't invalidate %1$s\n" +msgstr "Не вдалося скасувати чинність %1$s\n" -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "Адреса резервного сервера Kerberos" +#: src/tools/sss_cache.c:543 +#, c-format +msgid "Couldn't invalidate %1$s %2$s\n" +msgstr "Не вдалося скасувати чинність %1$s %2$s\n" -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "Область Kerberos" +#: src/tools/sss_cache.c:721 +msgid "Invalidate all cached entries" +msgstr "Скасувати чинність усіх кешованих записів" -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "Час очікування на розпізнавання" +#: src/tools/sss_cache.c:723 +msgid "Invalidate particular user" +msgstr "Скасувати визначення певного користувача" -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "Визначає, чи слід створювати файли kdcinfo" +#: src/tools/sss_cache.c:725 +msgid "Invalidate all users" +msgstr "Скасувати визначення всіх користувачів" -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "Місце, куди слід скидати фрагменти налаштувань krb5" +#: src/tools/sss_cache.c:727 +msgid "Invalidate particular group" +msgstr "Скасувати визначення певної групи" -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "Каталог, де зберігатиметься кеш реєстраційних даних" +#: src/tools/sss_cache.c:729 +msgid "Invalidate all groups" +msgstr "Скасувати визначення всіх груп" -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "Адреса кешу реєстраційних даних користувача" +#: src/tools/sss_cache.c:731 +msgid "Invalidate particular netgroup" +msgstr "Скасувати визначення певної мережевої групи" -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "Адреса таблиці ключів для перевірки реєстраційних даних" +#: src/tools/sss_cache.c:733 +msgid "Invalidate all netgroups" +msgstr "Скасувати визначення всіх мережевих груп" -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "Увімкнути перевірку реєстраційних даних" +#: src/tools/sss_cache.c:735 +msgid "Invalidate particular service" +msgstr "Скасувати визначення певної служби" -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "Зберігати пароль у автономному режимі для розпізнавання у мережі" +#: src/tools/sss_cache.c:737 +msgid "Invalidate all services" +msgstr "Скасувати визначення всіх служб" -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "Поновлюваний строк дії TGT" +#: src/tools/sss_cache.c:740 +msgid "Invalidate particular autofs map" +msgstr "Скасувати визначення певну карту autofs" -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "Строк дії TGT" +#: src/tools/sss_cache.c:742 +msgid "Invalidate all autofs maps" +msgstr "Скасувати визначення всіх карт autofs" -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "Граничний час між двома перевірками для поновлення" +#: src/tools/sss_cache.c:746 +msgid "Invalidate particular SSH host" +msgstr "Скасувати чинність певного вузла SSH" -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "Вмикає FAST" +#: src/tools/sss_cache.c:748 +msgid "Invalidate all SSH hosts" +msgstr "Скасувати чинність усіх вузлів SSH" -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "Визначає реєстраційний запис, який слід використовувати для FAST" +#: src/tools/sss_cache.c:752 +msgid "Invalidate particular sudo rule" +msgstr "Скасувати чинність певного правила sudo" -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "Вмикає перетворення реєстраційних записів у канонічну форму" +#: src/tools/sss_cache.c:754 +msgid "Invalidate all cached sudo rules" +msgstr "Скасувати чинність усіх кешованих правил sudo" -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "Увімкнути промислові реєстраційні дані" +#: src/tools/sss_cache.c:757 +msgid "Only invalidate entries from a particular domain" +msgstr "Скасувати визначення лише записів з певного домену" -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "Прив’язка імен користувачів до основних імен Kerberos" +#: src/tools/sss_cache.c:811 +msgid "" +"Unexpected argument(s) provided, options that invalidate a single object " +"only accept a single provided argument.\n" +msgstr "" +"Надано неочікувані аргументи. Параметри, які скасовують чинність окремого " +"об'єкта вимагають лише одного наданого аргументу.\n" -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" +#: src/tools/sss_cache.c:821 +msgid "Please select at least one object to invalidate\n" msgstr "" -"Сервер, на якому запущено службу зміни паролів, якщо такий не вдасться " -"виявити у KDC" +"Будь ласка, виберіть принаймні один об’єкт для скасовування відповідності\n" -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "ldap_uri, адреса URI сервера LDAP" +#: src/tools/sss_cache.c:904 +#, c-format +msgid "" +"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " +"use fully qualified name instead of --domain/-d parameter.\n" +msgstr "" +"Не вдалося відкрити домен %1$s. Якщо цей домен є піддоменом (довіреним " +"доменом), скористайтеся повною назвою замість параметра --domain/-d.\n" -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "ldap_backup_uri, адреса сервера LDAP" +#: src/tools/sss_cache.c:909 +msgid "Could not open available domains\n" +msgstr "Не вдалося відкрити доступні домени\n" -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "Типова базова назва домену" +#: src/tools/tools_util.c:202 +#, c-format +msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" +msgstr "Здається, назва «%1$s» не є FQDN (встановлено «%2$s = TRUE»)\n" -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "Тип схеми, використаний на сервері LDAP, rfc2307" +#: src/tools/tools_util.c:309 +msgid "Out of memory\n" +msgstr "Не вистачає пам'яті\n" -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "Режим для зміни пароля користувача" +#: src/tools/tools_util.h:40 +#, c-format +msgid "%1$s must be run as root\n" +msgstr "%1$s слід запускати від імені користувача root\n" -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "Типова назва домену прив’язки" +#: src/tools/sssctl/sssctl.c:35 +msgid "yes" +msgstr "так" -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "Тип розпізнавання для типової назви сервера прив’язки" +#: src/tools/sssctl/sssctl.c:37 +msgid "no" +msgstr "ні" -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "Лексема розпізнавання типової назви сервера прив’язки" +#: src/tools/sssctl/sssctl.c:39 +msgid "error" +msgstr "помилка" -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "Проміжок часу між спробами встановлення з’єднання" +#: src/tools/sssctl/sssctl.c:42 +msgid "Invalid result." +msgstr "Некоректний результат." -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Проміжок часу між спробами виконання синхронних операцій LDAP" +#: src/tools/sssctl/sssctl.c:78 +msgid "Unable to read user input\n" +msgstr "Не вдалося прочитати вхідні дані користувача\n" -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" -"Проміжок часу між повторними спробами встановлення з’єднання у автономному " -"режимі" +#: src/tools/sssctl/sssctl.c:91 +#, c-format +msgid "Invalid input, please provide either '%s' or '%s'.\n" +msgstr "Некоректні вхідні дані, будь ласка, вкажіть «%s» або «%s».\n" -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "Використовувати для назв областей лише великі літери" +#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 +msgid "Error while executing external command\n" +msgstr "Помилка під час спроби виконати зовнішню команду\n" -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "Файл, що містить сертифікати CA" +#: src/tools/sssctl/sssctl.c:156 +msgid "SSSD needs to be running. Start SSSD now?" +msgstr "SSSD має бути запущено. Запустити SSSD зараз?" -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "Шлях до каталогу сертифікатів CA" +#: src/tools/sssctl/sssctl.c:195 +msgid "SSSD must not be running. Stop SSSD now?" +msgstr "Роботу SSSD не завершено. Зупинити SSSD зараз?" -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "Файл, що містить клієнтський сертифікат" +#: src/tools/sssctl/sssctl.c:231 +msgid "SSSD needs to be restarted. Restart SSSD now?" +msgstr "SSSD слід перезапустити. Перезапустити SSSD зараз?" -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "Файл, що містить клієнтський ключ" +#: src/tools/sssctl/sssctl_cache.c:31 +#, c-format +msgid " %s is not present in cache.\n" +msgstr " %s немає у кеші.\n" -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "Показати список можливих інструментів шифрування" +#: src/tools/sssctl/sssctl_cache.c:33 +msgid "Name" +msgstr "Назва" -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "Потрібна перевірка сертифіката TLS" +#: src/tools/sssctl/sssctl_cache.c:34 +msgid "Cache entry creation date" +msgstr "Дата створення запису у кеші" -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "Вкажіть механізм SASL, який слід використовувати" +#: src/tools/sssctl/sssctl_cache.c:35 +msgid "Cache entry last update time" +msgstr "Момент останнього оновлення запису у кеші" -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "Вкажіть ідентифікатор уповноваження SASL, який слід використовувати" +#: src/tools/sssctl/sssctl_cache.c:36 +msgid "Cache entry expiration time" +msgstr "Час завершення строку дії запису у кеші" -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "Вкажіть область уповноваження SASL, яку слід використовувати" +#: src/tools/sssctl/sssctl_cache.c:37 +msgid "Cached in InfoPipe" +msgstr "Кешовано в InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" -"Вказати мінімальне значення SSF для розпізнавання на LDAP за допомогою sasl" +#: src/tools/sssctl/sssctl_cache.c:522 +#, c-format +msgid "Error: Unable to get object [%d]: %s\n" +msgstr "Помилка: не вдалося отримати об'єкт [%d]: %s\n" -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "Таблиця ключів служби Kerberos" +#: src/tools/sssctl/sssctl_cache.c:538 +#, c-format +msgid "%s: Unable to read value [%d]: %s\n" +msgstr "%s: не вдалося прочитати значення [%d]: %s\n" -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "Розпізнавання Kerberos для з’єднання LDAP" +#: src/tools/sssctl/sssctl_cache.c:566 +msgid "Specify name." +msgstr "Вказати ім'я." -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "Переходити за посиланнями LDAP" +#: src/tools/sssctl/sssctl_cache.c:576 +#, c-format +msgid "Unable to parse name %s.\n" +msgstr "Не вдалося обробити ім'я %s.\n" -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "Строк дії TGT для з’єднання LDAP" +#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 +msgid "Search by SID" +msgstr "Шукати за SID" -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "Спосіб розіменування псевдонімів" +#: src/tools/sssctl/sssctl_cache.c:603 +msgid "Search by user ID" +msgstr "Шукати за ідентифікатором користувача" -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "Назва служби для пошуків за допомогою служби DNS" +#: src/tools/sssctl/sssctl_cache.c:612 +msgid "Initgroups expiration time" +msgstr "Час завершення строку дії груп ініціалізації" -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "Кількість записів, які слід отримувати у відповідь на один запит LDAP" +#: src/tools/sssctl/sssctl_cache.c:650 +msgid "Search by group ID" +msgstr "Шукати за ідентифікатором групи" -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" -"Кількість учасників, яких має не вистачати для вмикання повного скасування " -"посилань" +#: src/tools/sssctl/sssctl_config.c:70 +#, c-format +msgid "Failed to open %s\n" +msgstr "Не вдалося відкрити %s\n" + +#: src/tools/sssctl/sssctl_config.c:75 +#, c-format +msgid "File %1$s does not exist.\n" +msgstr "Файла %1$s не існує.\n" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/tools/sssctl/sssctl_config.c:79 msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" +"File ownership and permissions check failed. Expected root:root and 0600.\n" msgstr "" -"Визначає, чи має бібліотека LDAP виконувати зворотній пошук з метою " -"переведення назв вузлів у канонічну форму під час прив’язки до SASL" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "Атрибут entryUSN" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "Атрибут lastUSN" +"Не вдалося виконати перевірку прав власності і доступу до файлів. Мало бути " +"root:root і 0600.\n" -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "Тривалість підтримування з’єднання з сервером LDAP перед роз’єднанням" +#: src/tools/sssctl/sssctl_config.c:85 +#, fuzzy, c-format +msgid "Failed to load configuration from %s.\n" +msgstr "Не вдалося завантажити налаштування з %s.\n" -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "Вимкнути контроль сторінок у LDAP" +#: src/tools/sssctl/sssctl_config.c:91 +msgid "Error while reading configuration directory.\n" +msgstr "Помилка під час спроби прочитати каталог налаштувань.\n" -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "Вимкнути отримання діапазонів Active Directory" +#: src/tools/sssctl/sssctl_config.c:99 +msgid "" +"There is no configuration. SSSD will use default configuration with files " +"provider.\n" +msgstr "" +"Немає налаштувань. SSSD використає типові налаштування для засобу надання " +"файлів.\n" -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "Тривалість очікування на дані запиту пошуку" +#: src/tools/sssctl/sssctl_config.c:111 +msgid "Failed to run validators" +msgstr "Не вдалося запустити засоби перевірки" -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "Тривалість очікування на дані запиту щодо переліку" +#: src/tools/sssctl/sssctl_config.c:115 +#, c-format +msgid "Issues identified by validators: %zu\n" +msgstr "Вади, які виявлено засобами перевірки: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "Проміжок часу між оновленнями нумерації" +#: src/tools/sssctl/sssctl_config.c:126 +#, c-format +msgid "Messages generated during configuration merging: %zu\n" +msgstr "Повідомлення, створені під час об'єднування налаштувань: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "Проміжок часу між спорожненнями кешу" +#: src/tools/sssctl/sssctl_config.c:137 +#, c-format +msgid "Used configuration snippet files: %zu\n" +msgstr "Використаних файлів фрагментів налаштувань: %zu\n" -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "Вимагати TLS для пошуків ідентифікаторів" +#: src/tools/sssctl/sssctl_data.c:89 +#, c-format +msgid "Unable to create backup directory [%d]: %s" +msgstr "Не вдалося створити каталог резервної копії [%d]: %s" -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#: src/tools/sssctl/sssctl_data.c:95 +msgid "SSSD backup of local data already exists, override?" msgstr "" -"Використовувати відповідності ідентифікаторів objectSID замість попередньо " -"встановлених ідентифікаторів" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "Базова назва домену для пошуків користувачів" +"Резервна копія SSSD для локальних даних вже існує. Хочете її перезаписати?" -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "Діапазон пошуків користувачів" +#: src/tools/sssctl/sssctl_data.c:111 +msgid "Unable to export user overrides\n" +msgstr "Не вдалося експортувати перевизначення користувача\n" -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "Фільтр пошуку користувачів" +#: src/tools/sssctl/sssctl_data.c:118 +msgid "Unable to export group overrides\n" +msgstr "Не вдалося експортувати перевизначення групи\n" -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "Клас об’єктів для користувачів" +#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 +msgid "Override existing backup" +msgstr "Перевизначити наявну резервну копію" -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "Атрибут імені користувача" +#: src/tools/sssctl/sssctl_data.c:164 +msgid "Unable to import user overrides\n" +msgstr "Не вдалося імпортувати перевизначення користувача\n" -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "Атрибут UID" +#: src/tools/sssctl/sssctl_data.c:173 +msgid "Unable to import group overrides\n" +msgstr "Не вдалося імпортувати перевизначення групи\n" -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "Головний атрибут GID" +#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 +#: src/tools/sssctl/sssctl_domains.c:328 +msgid "Start SSSD if it is not running" +msgstr "Запустити SSSD, якщо його ще не запущено" -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "Атрибут GECOS" +#: src/tools/sssctl/sssctl_data.c:195 +msgid "Restart SSSD after data import" +msgstr "Перезапустити SSSD після імпортування даних" -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "Атрибут домашнього каталогу" +#: src/tools/sssctl/sssctl_data.c:218 +msgid "Create clean cache files and import local data" +msgstr "Створити порожні файли кешу і імпортувати локальні дані" -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "Атрибут оболонки" +#: src/tools/sssctl/sssctl_data.c:219 +msgid "Stop SSSD before removing the cache" +msgstr "Зупинка SSSD до вилучення кешу" -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "Атрибут UUID" +#: src/tools/sssctl/sssctl_data.c:220 +msgid "Start SSSD when the cache is removed" +msgstr "Запуск SSSD після вилучення кешу" -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "Атрибут objectSID" +#: src/tools/sssctl/sssctl_data.c:235 +msgid "Creating backup of local data...\n" +msgstr "Створюємо резервну копію локальних даних...\n" -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" +#: src/tools/sssctl/sssctl_data.c:238 +msgid "Unable to create backup of local data, can not remove the cache.\n" msgstr "" -"Атрибут основної групи Active Directory для встановлення відповідності " -"ідентифікатора" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "Атрибут реєстраційного запису користувача (для Kerberos)" +"Не вдалося створити резервну копію локальних даних, не вдалося вилучити " +"кеш.\n" -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "Повне ім'я" +#: src/tools/sssctl/sssctl_data.c:243 +msgid "Removing cache files...\n" +msgstr "Вилучаємо файли кешу...\n" -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "Атрибут memberOf" +#: src/tools/sssctl/sssctl_data.c:246 +msgid "Unable to remove cache files\n" +msgstr "Не вдалося вилучити файли кешу\n" -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "Атрибут часу зміни" +#: src/tools/sssctl/sssctl_data.c:251 +msgid "Restoring local data...\n" +msgstr "Відновлюємо локальні дані...\n" -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "Атрибут shadowLastChange" +#: src/tools/sssctl/sssctl_domains.c:83 +msgid "Show domain list including primary or trusted domain type" +msgstr "" +"Показати список доменів з включенням основних або довірених типів доменів" -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "Атрибут shadowMin" +#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 +#: src/tools/sssctl/sssctl_user_checks.c:95 +msgid "Unable to connect to system bus!\n" +msgstr "" +"Не вдалося встановити з'єднання із системним каналом передавання даних!\n" -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "Атрибут shadowMax" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Online" +msgstr "У мережі" -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "Атрибут shadowWarning" +#: src/tools/sssctl/sssctl_domains.c:167 +msgid "Offline" +msgstr "Поза мережею" -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "Атрибут shadowInactive" +#: src/tools/sssctl/sssctl_domains.c:167 +#, c-format +msgid "Online status: %s\n" +msgstr "Стан з'єднання: %s\n" -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "Атрибут shadowExpire" +#: src/tools/sssctl/sssctl_domains.c:213 +msgid "This domain has no active servers.\n" +msgstr "У цьому домені немає активних серверів.\n" -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "Атрибут shadowFlag" +#: src/tools/sssctl/sssctl_domains.c:218 +msgid "Active servers:\n" +msgstr "Активні сервери:\n" -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "Атрибути зі списком уповноважених служб PAM" +#: src/tools/sssctl/sssctl_domains.c:230 +msgid "not connected" +msgstr "не з’єднано" -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "Атрибути зі списком уповноважених серверних вузлів" +#: src/tools/sssctl/sssctl_domains.c:267 +msgid "No servers discovered.\n" +msgstr "Не виявлено жодного сервера.\n" -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "Атрибути зі списком уповноважених серверних r-вузлів" +#: src/tools/sssctl/sssctl_domains.c:273 +#, c-format +msgid "Discovered %s servers:\n" +msgstr "Виявлено сервери %s:\n" -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "Атрибут krbLastPwdChange" +#: src/tools/sssctl/sssctl_domains.c:285 +msgid "None so far.\n" +msgstr "Поки немає.\n" -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "Атрибут krbPasswordExpiration" +#: src/tools/sssctl/sssctl_domains.c:325 +msgid "Show online status" +msgstr "Показати стан з'єднання" -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" -"Атрибут, що відповідає за активізацію правил обробки паролів на боці сервера" +#: src/tools/sssctl/sssctl_domains.c:326 +msgid "Show information about active server" +msgstr "Показати дані щодо активного сервера" -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "Атрибут accountExpires AD" +#: src/tools/sssctl/sssctl_domains.c:327 +msgid "Show list of discovered servers" +msgstr "Показати список виявлених серверів" -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "Атрибут userAccountControl AD" +#: src/tools/sssctl/sssctl_domains.c:333 +msgid "Specify domain name." +msgstr "Вказати назву домену." -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "Атрибут nsAccountLock" +#: src/tools/sssctl/sssctl_domains.c:355 +msgid "Out of memory!\n" +msgstr "Не вистачає пам'яті\n" -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "Атрибут loginDisabled NDS" +#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 +msgid "Unable to get online status\n" +msgstr "Не вдалося отримати стан з'єднання\n" -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "Атрибут loginExpirationTime NDS" +#: src/tools/sssctl/sssctl_domains.c:395 +msgid "Unable to get server list\n" +msgstr "Не вдалося отримати список серверів\n" -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "Атрибут loginAllowedTimeMap NDS" +#: src/tools/sssctl/sssctl_logs.c:46 +msgid "\n" +msgstr "\n" -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "Атрибут відкритого ключа SSH" +#: src/tools/sssctl/sssctl_logs.c:236 +msgid "Delete log files instead of truncating" +msgstr "Вилучити файли журналу замість обрізання" -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "атрибут зі списком дозволених типів розпізнавання для користувача" +#: src/tools/sssctl/sssctl_logs.c:247 +msgid "Deleting log files...\n" +msgstr "Вилучаємо файли журналу...\n" -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "атрибут, що містить сертифікат X509 користувача" +#: src/tools/sssctl/sssctl_logs.c:250 +msgid "Unable to remove log files\n" +msgstr "Не вдалося вилучити файли журналу\n" -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "атрибут, що містить адресу електронної пошти користувача" +#: src/tools/sssctl/sssctl_logs.c:256 +msgid "Truncating log files...\n" +msgstr "Обрізаємо файли журналу...\n" -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" -"Список додаткових атрибутів, які слід отримувати разом із записом користувача" +#: src/tools/sssctl/sssctl_logs.c:259 +msgid "Unable to truncate log files\n" +msgstr "Не вдалося обрізати файли журналу\n" -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "Базова назва домену для пошуків груп" +#: src/tools/sssctl/sssctl_logs.c:285 +msgid "Out of memory!" +msgstr "Не вистачає пам'яті!" -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "Клас об’єктів для груп" +#: src/tools/sssctl/sssctl_logs.c:288 +#, c-format +msgid "Archiving log files into %s...\n" +msgstr "Архівуємо файли журналу до %s...\n" -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "Назва групи" +#: src/tools/sssctl/sssctl_logs.c:291 +msgid "Unable to archive log files\n" +msgstr "Не вдалося архівувати файли журналу\n" -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "Пароль групи" +#: src/tools/sssctl/sssctl_logs.c:316 +msgid "Specify debug level you want to set" +msgstr "Вкажіть рівень діагностики, яким ви хочете скористатися" -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "Атрибут GID" +#: src/tools/sssctl/sssctl_user_checks.c:117 +msgid "SSSD InfoPipe user lookup result:\n" +msgstr "Результат пошуку користувача у InfoPipe SSSD:\n" -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "Атрибут членства у групі" +#: src/tools/sssctl/sssctl_user_checks.c:167 +#, c-format +msgid "dlopen failed with [%s].\n" +msgstr "Помилка dlopen [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "Атрибут UUID групи" +#: src/tools/sssctl/sssctl_user_checks.c:174 +#, c-format +msgid "dlsym failed with [%s].\n" +msgstr "Помилка dlsym [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "Атрибут часу зміни для груп" +#: src/tools/sssctl/sssctl_user_checks.c:182 +msgid "malloc failed.\n" +msgstr "Помилка malloc.\n" -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "Тип групи та інші прапорці" +#: src/tools/sssctl/sssctl_user_checks.c:189 +#, c-format +msgid "sss_getpwnam_r failed with [%d].\n" +msgstr "помилка sss_getpwnam_r [%d].\n" -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "Атрибут групи LDAP зовнішнього учасника" +#: src/tools/sssctl/sssctl_user_checks.c:194 +msgid "SSSD nss user lookup result:\n" +msgstr "Результат пошуку користувача у nss SSSD:\n" -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "Максимальний рівень вкладеності, який використовуватиме SSSD" +#: src/tools/sssctl/sssctl_user_checks.c:195 +#, c-format +msgid " - user name: %s\n" +msgstr " - ім'я користувача: %s\n" -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "Базова назва домену для пошуків груп у мережі" +#: src/tools/sssctl/sssctl_user_checks.c:196 +#, c-format +msgid " - user id: %d\n" +msgstr " - ід. користувача: %d\n" -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "Клас об’єктів для груп у мережі" +#: src/tools/sssctl/sssctl_user_checks.c:197 +#, c-format +msgid " - group id: %d\n" +msgstr " - ід. групи: %d\n" -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "Назва мережевої групи" +#: src/tools/sssctl/sssctl_user_checks.c:198 +#, c-format +msgid " - gecos: %s\n" +msgstr " - gecos: %s\n" -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "Атрибут членства у групах у мережі" +#: src/tools/sssctl/sssctl_user_checks.c:199 +#, c-format +msgid " - home directory: %s\n" +msgstr " - домашній каталог: %s\n" -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "Атрибут трійки груп у мережі" +#: src/tools/sssctl/sssctl_user_checks.c:200 +#, c-format +msgid "" +" - shell: %s\n" +"\n" +msgstr "" +" - оболонка: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "Атрибут часу зміни для мережевих груп" +#: src/tools/sssctl/sssctl_user_checks.c:232 +msgid "PAM action [auth|acct|setc|chau|open|clos], default: " +msgstr "Дія PAM [auth|acct|setc|chau|open|clos], типове значення: " -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "Базова сервер назв домену для пошуку служб" +#: src/tools/sssctl/sssctl_user_checks.c:235 +msgid "PAM service, default: " +msgstr "Служба PAM, типове значення: " -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "Клас об’єктів для служб" +#: src/tools/sssctl/sssctl_user_checks.c:240 +msgid "Specify user name." +msgstr "Вказати ім'я користувача." -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "Атрибут назви служби" +#: src/tools/sssctl/sssctl_user_checks.c:247 +#, c-format +msgid "" +"user: %s\n" +"action: %s\n" +"service: %s\n" +"\n" +msgstr "" +"користувач: %s\n" +"дія: %s\n" +"служба: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "Атрибут порту служби" +#: src/tools/sssctl/sssctl_user_checks.c:252 +#, c-format +msgid "User name lookup with [%s] failed.\n" +msgstr "Не вдалося знайти користувача за допомогою [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "Атрибут протоколу служби" +#: src/tools/sssctl/sssctl_user_checks.c:257 +#, c-format +msgid "InfoPipe User lookup with [%s] failed.\n" +msgstr "Не вдалося знайти користувача InfoPipe за допомогою [%s].\n" -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "Нижня межа встановлення відповідності ідентифікатора" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "Верхня межа встановлення відповідності ідентифікатора" +#: src/tools/sssctl/sssctl_user_checks.c:263 +#, c-format +msgid "pam_start failed: %s\n" +msgstr "Помилка pam_start: %s\n" -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" +#: src/tools/sssctl/sssctl_user_checks.c:268 +msgid "" +"testing pam_authenticate\n" +"\n" msgstr "" -"Кількість ідентифікаторів для кожного зрізу під час встановлення " -"відповідності ідентифікаторів" +"перевіряємо pam_authenticate\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" -"Використовувати для встановлення відповідності ідентифікаторів алгоритм, " -"сумісний з autorid" +#: src/tools/sssctl/sssctl_user_checks.c:272 +#, c-format +msgid "pam_get_item failed: %s\n" +msgstr "Помилка pam_get_item: %s\n" -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "Назва типового домену для встановлення відповідності ідентифікаторів" +#: src/tools/sssctl/sssctl_user_checks.c:275 +#, c-format +msgid "" +"pam_authenticate for user [%s]: %s\n" +"\n" +msgstr "" +"pam_authenticate для користувача [%s]: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "SID типового домену для встановлення відповідності ідентифікаторів" +#: src/tools/sssctl/sssctl_user_checks.c:278 +msgid "" +"testing pam_chauthtok\n" +"\n" +msgstr "" +"перевіряємо pam_chauthtok\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "Кількість вторинних зрізів" +#: src/tools/sssctl/sssctl_user_checks.c:280 +#, c-format +msgid "" +"pam_chauthtok: %s\n" +"\n" +msgstr "" +"pam_chauthtok: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "Визначає, чи слід використовувати крупи реєстраційних записів" +#: src/tools/sssctl/sssctl_user_checks.c:282 +msgid "" +"testing pam_acct_mgmt\n" +"\n" +msgstr "" +"перевіряємо pam_acct_mgmt\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "Встановити нижню межу для дозволених ідентифікаторів із сервера LDAP" +#: src/tools/sssctl/sssctl_user_checks.c:284 +#, c-format +msgid "" +"pam_acct_mgmt: %s\n" +"\n" +msgstr "" +"pam_acct_mgmt: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "Встановити верхню межу для дозволених ідентифікаторів із сервера LDAP" +#: src/tools/sssctl/sssctl_user_checks.c:286 +msgid "" +"testing pam_setcred\n" +"\n" +msgstr "" +"перевіряємо pam_setcred\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "DN для запитів щодо ppolicy" +#: src/tools/sssctl/sssctl_user_checks.c:288 +#, c-format +msgid "" +"pam_setcred: [%s]\n" +"\n" +msgstr "" +"pam_setcred: [%s]\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" +#: src/tools/sssctl/sssctl_user_checks.c:290 +msgid "" +"testing pam_open_session\n" +"\n" msgstr "" -"Максимальна кількість записів для отримання під час обробки запитів із " -"замінниками" +"перевіряємо pam_open_session\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "Правила оцінки завершення строку дії пароля" +#: src/tools/sssctl/sssctl_user_checks.c:292 +#, c-format +msgid "" +"pam_open_session: %s\n" +"\n" +msgstr "" +"pam_open_session: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" +#: src/tools/sssctl/sssctl_user_checks.c:294 +msgid "" +"testing pam_close_session\n" +"\n" msgstr "" -"Атрибути які слід використовувати для визначення чинності облікового запису" +"перевіряємо pam_close_session\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" +#: src/tools/sssctl/sssctl_user_checks.c:296 +#, c-format +msgid "" +"pam_close_session: %s\n" +"\n" msgstr "" -"Правила, які має бути використано для визначення достатності прав доступу" +"pam_close_session: %s\n" +"\n" -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "Адреса на сервері LDAP, для якої можливі зміни паролів" +#: src/tools/sssctl/sssctl_user_checks.c:298 +msgid "unknown action\n" +msgstr "невідома дія\n" -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "Адреса резервного сервера LDAP, для якої можливі зміни паролів" +#: src/tools/sssctl/sssctl_user_checks.c:301 +msgid "PAM Environment:\n" +msgstr "Середовище PAM:\n" -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "Назва у службі DNS сервера зміни паролів LDAP" +#: src/tools/sssctl/sssctl_user_checks.c:309 +msgid " - no env -\n" +msgstr " - немає середовища -\n" -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" -"Визначає, чи слід оновлювати атрибут ldap_user_shadow_last_change після " -"зміни пароля" +#: src/util/util.h:82 +msgid "The user ID to run the server as" +msgstr "Ідентифікатор користувача, від імені якого слід запустити сервер" -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "Базова назва домену для пошуків правил sudo" +#: src/util/util.h:84 +msgid "The group ID to run the server as" +msgstr "Ідентифікатор групи, від імені якої слід запустити сервер" -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "Період автоматичного повного оновлення даних" +#: src/util/util.h:92 +msgid "Informs that the responder has been socket-activated" +msgstr "Інформує про те, що на відповідачі задіяно сокет" -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "Період автоматичного кмітливого оновлення даних" +#: src/util/util.h:94 +msgid "Informs that the responder has been dbus-activated" +msgstr "Інформує про те, що на відповідачі задіяно D-Bus" -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" -"Визначає, чи слід фільтрувати правила за назвами вузлів, IP-адресами та " -"мережами" +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "Встановити рівень докладності діагностичних записів журналу" -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" -"Назви вузлів і/або повні назви у домені для цього комп’ютера для " -"фільтрування списку правил sudo" +#~ msgid "Include timestamps in debug logs" +#~ msgstr "Додати до діагностичних журналів позначки часу" -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" -"Адреси IPv4 або IPv6 чи мережа цього комп’ютера для фільтрування списку " -"правил sudo" +#~ msgid "Include microseconds in timestamps in debug logs" +#~ msgstr "Включати мілісекунди до часових позначок у журналах" -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" -"Визначає, чи слід включати правила, що містять мережеву групу у атрибуті " -"вузла" +#~ msgid "Write debug messages to logfiles" +#~ msgstr "Записувати діагностичні повідомлення до файлів журналу" -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" -"Визначає, чи слід включати правила, що містять формальний вираз у атрибуті " -"вузла" +#~ msgid "Watchdog timeout before restarting service" +#~ msgstr "" +#~ "Час очікування відповіді засобу спостереження перед перезапуском служби" -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "Клас об’єктів для правил sudo" +#~ msgid "Command to start service" +#~ msgstr "Команда запуску служби" -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" +#~ msgid "Number of times to attempt connection to Data Providers" +#~ msgstr "Кількість повторних спроб встановлення з’єднання з надавачами даних" -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "Назва правила sudo" +#~ msgid "The number of file descriptors that may be opened by this responder" +#~ msgstr "" +#~ "Кількість дескрипторів файлів, які може бути відкрито цим відповідачем" -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "Атрибут команди правила sudo" +#~ msgid "Idle time before automatic disconnection of a client" +#~ msgstr "" +#~ "Проміжок бездіяльності до автоматичного від’єднання клієнтської частини" -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "Атрибут вузла правила sudo" +#~ msgid "Idle time before automatic shutdown of the responder" +#~ msgstr "Проміжок бездіяльності до автоматичного вимикання відповідача" -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "Атрибут користувача правила sudo" +#~ msgid "Always query all the caches before querying the Data Providers" +#~ msgstr "Завжди опитувати усі кеші до опитування засобів надання даних" -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "Атрибут параметрів правила sudo" +#~ msgid "SSSD Services to start" +#~ msgstr "Служби SSSD, які слід запустити" -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "Атрибут runas правила sudo" +#~ msgid "SSSD Domains to start" +#~ msgstr "Домени SSSD, які слід запустити" -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" -"Атрибут користувача, від імені якого виконуватиметься запуск, правила sudo" +#~ msgid "Timeout for messages sent over the SBUS" +#~ msgstr "Час очікування для повідомлень, надісланих за допомогою SBUS" -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "Атрибут групи, від імені якої виконуватиметься запуск, правила sudo" +#~ msgid "Regex to parse username and domain" +#~ msgstr "Формальний вираз для обробки імені користувача і домену" -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "Атрибут граничного часу початку дії правила sudo" +#~ msgid "Printf-compatible format for displaying fully-qualified names" +#~ msgstr "Сумісний з printf формат показу повних назв" -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "Атрибут граничного часу завершення дії правила sudo" +#~ msgid "" +#~ "Directory on the filesystem where SSSD should store Kerberos replay cache " +#~ "files." +#~ msgstr "" +#~ "Каталог у файловій системі, де SSSD має зберігати файли кешу відтворення " +#~ "Kerberos." -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "Атрибут порядку правила sudo" +#~ msgid "Domain to add to names without a domain component." +#~ msgstr "Домен, який слід додати до назв без компонента домену." -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "Клас об’єктів для карт автоматичного монтування" +#~ msgid "The user to drop privileges to" +#~ msgstr "Користувач, привілеї якого слід скинути" -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "Атрибут назви карти автоматичного монтування" +#~ msgid "Tune certificate verification" +#~ msgstr "Скоригувати перевірку сертифікатів" -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "Клас об’єктів для записів карт автоматичного монтування" +#~ msgid "" +#~ "All spaces in group or user names will be replaced with this character" +#~ msgstr "" +#~ "Усі пробіли у назвах груп і іменах користувачів буде замінено на цей " +#~ "символ" -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "Атрибут ключа запису карти автоматичного монтування" +#~ msgid "Tune sssd to honor or ignore netlink state changes" +#~ msgstr "Налаштувати sssd на врахування або ігнорування змін стану netlink" -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "Атрибут значення запису карти автоматичного монтування" +#~ msgid "Enable or disable the implicit files domain" +#~ msgstr "Увімкнути або вимкнути домен неявних файлів" -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "Базовий сервер назв домену для пошуків карти автоматичного монтування" +#~ msgid "A specific order of the domains to be looked up" +#~ msgstr "Певний порядок доменів, у якому їх слід використовувати для пошуку" -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "Відокремлений комами список дозволених користувачів" +#~ msgid "Enumeration cache timeout length (seconds)" +#~ msgstr "Тривалість часу очікування на дані кешу нумерування (у секундах)" -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "Відокремлений комами список заборонених користувачів" +#~ msgid "Entry cache background update timeout length (seconds)" +#~ msgstr "Час очікування на фонове оновлення кешу записів (у секундах)" -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "Типова оболонка, /bin/bash" +#~ msgid "Negative cache timeout length (seconds)" +#~ msgstr "Від’ємний час очікування на дані з кешу (у секундах)" -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "Базова адреса домашніх каталогів" +#~ msgid "Files negative cache timeout length (seconds)" +#~ msgstr "Від’ємний час очікування на дані з кешу файлів (у секундах)" -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "Кількість попередньо відгалужених дочірніх проксі-записів." +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "Користувачі, яких SSSD має явно ігнорувати" -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "Назва бібліотеки NSS, яку слід використовувати" +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "Групи користувачів, які SSSD має явно ігнорувати" -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" -"Визначає, чи слід виконувати пошук канонічної назви групи у кеші, якщо це " -"можливо" +#~ msgid "Should filtered users appear in groups" +#~ msgstr "Чи слід показувати відфільтрованих користувачів у групах" -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "Стек PAM, який слід використовувати" +#~ msgid "The value of the password field the NSS provider should return" +#~ msgstr "Значення поля пароля, яке має повертати постачальник даних NSS" -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "Шлях до початкового тексту файла passwd." +#~ msgid "Override homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Замінити значення назви домашнього каталогу від надавача профілю цим " +#~ "значенням" -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "Шлях до початкового тексту файла group." +#~ msgid "" +#~ "Substitute empty homedir value from the identity provider with this value" +#~ msgstr "" +#~ "Замінювати порожні значення домашніх каталогів у засобі надання даних " +#~ "профілів цим значенням" -#: src/monitor/monitor.c:2355 -msgid "Become a daemon (default)" -msgstr "Запуститися фонову службу (типова поведінка)" +#~ msgid "Override shell value from the identity provider with this value" +#~ msgstr "Замінити значення оболонки від надавача профілю цим значенням" -#: src/monitor/monitor.c:2357 -msgid "Run interactive (not a daemon)" -msgstr "Запустити у інтерактивному режимі (без фонової служби)" +#~ msgid "The list of shells users are allowed to log in with" +#~ msgstr "Список оболонок, за допомогою яких можуть входити користувачі" -#: src/monitor/monitor.c:2360 -msgid "Disable netlink interface" -msgstr "Вимкнути інтерфейс netlink" +#~ msgid "" +#~ "The list of shells that will be vetoed, and replaced with the fallback " +#~ "shell" +#~ msgstr "Список оболонок, які буде заборонено і замінено резервною оболонкою" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 -msgid "Specify a non-default config file" -msgstr "Вказати нетиповий файл налаштувань" +#~ msgid "" +#~ "If a shell stored in central directory is allowed but not available, use " +#~ "this fallback" +#~ msgstr "" +#~ "Якщо оболонка, що зберігається у центральному каталозі дозволена, але " +#~ "недоступна, використовувати цю резервну" -#: src/monitor/monitor.c:2364 -msgid "Refresh the configuration database, then exit" -msgstr "Оновити налаштування бази даних, потім вийти" +#~ msgid "Shell to use if the provider does not list one" +#~ msgstr "Оболонка, яку слід використовувати, якщо засіб не надає жодної" -#: src/monitor/monitor.c:2367 -msgid "Similar to --genconf, but only refreshes the given section" -msgstr "Подібний до --genconf, але оновлює дані лише вказаного розділу" +#~ msgid "How long will be in-memory cache records valid" +#~ msgstr "Строк дії записів кешу у пам’яті" + +#~ msgid "List of user attributes the NSS responder is allowed to publish" +#~ msgstr "" +#~ "Список атрибутів запису користувача, які може оприлюднювати відповідач NSS" + +#~ msgid "How long to allow cached logins between online logins (days)" +#~ msgstr "" +#~ "Тривалість зберігання кешованих реєстраційних даних між входами до " +#~ "системи (у днях)" + +#~ msgid "How many failed logins attempts are allowed when offline" +#~ msgstr "" +#~ "Макс. дозволена кількість помилкових спроб входу у автономному режимі" + +#~ msgid "" +#~ "How long (minutes) to deny login after offline_failed_login_attempts has " +#~ "been reached" +#~ msgstr "" +#~ "Тривалість (у хвилинах) заборони входу після досягнення значення " +#~ "offline_failed_login_attempts" + +#~ msgid "" +#~ "What kind of messages are displayed to the user during authentication" +#~ msgstr "" +#~ "Тип повідомлень, які буде показано користувачеві під час розпізнавання" + +#~ msgid "Filter PAM responses sent to the pam_sss" +#~ msgstr "Фільтрувати відповіді PAM, які надіслано pam_sss" + +#~ msgid "" +#~ "How many seconds to keep identity information cached for PAM requests" +#~ msgstr "" +#~ "Тривалість (у секундах) зберігання даних щодо розпізнавання у кеші для " +#~ "запитів PAM" + +#~ msgid "" +#~ "How many days before password expiration a warning should be displayed" +#~ msgstr "" +#~ "Визначає кількість днів між днем, коли має бути показано попередження, і " +#~ "днем, коли завершиться строк дії пароля" + +#~ msgid "List of trusted uids or user's name" +#~ msgstr "Список надійних UUID або імен користувачів" + +#~ msgid "List of domains accessible even for untrusted users." +#~ msgstr "" +#~ "Список доменів, доступ до яких відкрито навіть для ненадійних " +#~ "користувачів." + +#~ msgid "Message printed when user account is expired." +#~ msgstr "" +#~ "Повідомлення, яке буде виведено, коли строк дії облікового запису " +#~ "користувача буде завершено." + +#~ msgid "Message printed when user account is locked." +#~ msgstr "" +#~ "Повідомлення, яке буде виведено, коли обліковий запис користувача буде " +#~ "заблоковано." + +#~ msgid "Allow certificate based/Smartcard authentication." +#~ msgstr "Дозволити розпізнавання за сертифікатом або смарткарткою." + +#~ msgid "Path to certificate database with PKCS#11 modules." +#~ msgstr "Шлях до бази даних сертифікатів із модулями PKCS#11." + +#~ msgid "How many seconds will pam_sss wait for p11_child to finish" +#~ msgstr "" +#~ "Час у секундах, протягом якого pam_sss очікуватиме на завершення роботи " +#~ "p11_child" + +#~ msgid "Which PAM services are permitted to contact application domains" +#~ msgstr "" +#~ "Визначає, яким службам PAM дозволено встановлювати з'єднання із доменами " +#~ "програм" + +#~ msgid "Allowed services for using smartcards" +#~ msgstr "Дозволені служби для використання смарт-карток" + +#~ msgid "Additional timeout to wait for a card if requested" +#~ msgstr "Додатковий час очікування на картку, якщо надійде запит" + +#~ msgid "" +#~ "PKCS#11 URI to restrict the selection of devices for Smartcard " +#~ "authentication" +#~ msgstr "" +#~ "Адреса PKCS#11 для обмеження переліку пристроїв для розпізнавання за " +#~ "смарт-карткою" + +#~ msgid "Whether to evaluate the time-based attributes in sudo rules" +#~ msgstr "" +#~ "Визначає, чи слід обробляти атрибути правил sudo, пов’язані з часовими " +#~ "обмеженнями" + +#~ msgid "If true, SSSD will switch back to lower-wins ordering logic" +#~ msgstr "" +#~ "Якщо має значення true, SSSD перемикнеться на логіку упорядковування " +#~ "менший-кращий" + +#~ msgid "" +#~ "Maximum number of rules that can be refreshed at once. If this is " +#~ "exceeded, full refresh is performed." +#~ msgstr "" +#~ "Максимальна кількість правил, які може бути одночасно оновлено. Якщо цю " +#~ "кількість буде перевищено, буде виконано повне оновлення." + +#~ msgid "Whether to hash host names and addresses in the known_hosts file" +#~ msgstr "Чи слід хешувати назви та адреси вузлів у файлі known_hosts" + +#~ msgid "" +#~ "How many seconds to keep a host in the known_hosts file after its host " +#~ "keys were requested" +#~ msgstr "" +#~ "Кількість секунд, протягом яких запису вузла зберігатиметься у файлі " +#~ "known_hosts після надсилання запиту щодо ключів вузла" + +#~ msgid "Path to storage of trusted CA certificates" +#~ msgstr "Шлях до сховища надійних сертифікатів служб сертифікації (CA)" + +#~ msgid "Allow to generate ssh-keys from certificates" +#~ msgstr "Дозволити створення ключів SSH з сертифікатів" + +#~ msgid "" +#~ "Use the following matching rules to filter the certificates for ssh-key " +#~ "generation" +#~ msgstr "" +#~ "Використати вказані нижче відповідні правила для фільтрування " +#~ "сертифікатів для створення ключів SSH" + +#~ msgid "List of UIDs or user names allowed to access the PAC responder" +#~ msgstr "" +#~ "Список унікальних ідентифікаторів (UID) або імен користувачів, яким " +#~ "надано доступ до відповідача PAC" + +#~ msgid "How long the PAC data is considered valid" +#~ msgstr "Час, протягом якого дані PAC вважатимуться чинними" + +#~ msgid "List of UIDs or user names allowed to access the InfoPipe responder" +#~ msgstr "" +#~ "Список унікальних ідентифікаторів (UID) або імен користувачів, яким " +#~ "надано доступ до відповідача InfoPipe" + +#~ msgid "List of user attributes the InfoPipe is allowed to publish" +#~ msgstr "" +#~ "Список атрибутів запису користувача, які може оприлюднювати InfoPipe" + +#~ msgid "The provider where the secrets will be stored in" +#~ msgstr "Модуль надання даних, у якому будуть зберігатися реєстраційні дані" + +#~ msgid "The maximum allowed number of nested containers" +#~ msgstr "Максимальна дозволена кількість вкладених контейнерів" + +#~ msgid "The maximum number of secrets that can be stored" +#~ msgstr "" +#~ "Максимальна кількість записів реєстраційних даних, які можна зберігати" + +#~ msgid "The maximum number of secrets that can be stored per UID" +#~ msgstr "" +#~ "Максимальна кількість записів реєстраційних даних, які можна зберігати за " +#~ "UID" + +#~ msgid "The maximum payload size of a secret in kilobytes" +#~ msgstr "Максимальний обсяг запису реєстраційних даних у кілобайтах" + +#~ msgid "The URL Custodia server is listening on" +#~ msgstr "Адреса, на якій очікує дані сервер Custodia" + +#~ msgid "The method to use when authenticating to a Custodia server" +#~ msgstr "Спосіб розпізнавання сервером Custodia" + +#~ msgid "" +#~ "The name of the headers that will be added into a HTTP request with the " +#~ "value defined in auth_header_value" +#~ msgstr "" +#~ "Назва заголовків, які буде додано до запиту HTTP зі значенням, яке " +#~ "визначено в auth_header_value" + +#~ msgid "The value sssd-secrets would use for auth_header_name" +#~ msgstr "Значення, яке sssd-secrets має використовувати для auth_header_name" + +#~ msgid "" +#~ "The list of the headers to forward to the Custodia server together with " +#~ "the request" +#~ msgstr "" +#~ "Список заголовків, які слід переспрямувати до сервера Custodia разом із " +#~ "запитом" + +#~ msgid "" +#~ "The username to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "" +#~ "Ім'я користувача, яким слід скористатися для розпізнавання на сервері " +#~ "Custodia з використанням basic_auth" + +#~ msgid "" +#~ "The password to use when authenticating to a Custodia server using " +#~ "basic_auth" +#~ msgstr "" +#~ "Пароль, яким слід скористатися для розпізнавання на сервері Custodia з " +#~ "використанням basic_auth" + +#~ msgid "" +#~ "If true peer's certificate is verified if proxy_url uses https protocol" +#~ msgstr "" +#~ "Якщо має значення true, сертифікат вузла перевірятиметься, якщо proxy_url " +#~ "використовує протокол https" + +#~ msgid "" +#~ "If false peer's certificate may contain different hostname than proxy_url " +#~ "when https protocol is used" +#~ msgstr "" +#~ "Якщо має значення false, сертифікат вузла може містити іншу назву вузла " +#~ "ніж proxy_url, якщо використано протокол https" + +#~ msgid "" +#~ "Path to directory where certificate authority certificates are stored" +#~ msgstr "" +#~ "Шлях до каталогу, у якому зберігаються сертифікати служби сертифікації" + +#~ msgid "Path to file containing server's CA certificate" +#~ msgstr "" +#~ "Шлях до файла, у якому міститься сертифікат служби сертифікації (CA) " +#~ "сервера" + +#~ msgid "Path to file containing client's certificate" +#~ msgstr "Шлях до файла, у якому міститься сертифікат клієнта" -#: src/monitor/monitor.c:2370 -msgid "Print version number and exit" -msgstr "Вивести номер версії і завершити роботу" +#~ msgid "Path to file containing client's private key" +#~ msgstr "Шлях до файла, у якому міститься закритий ключ клієнта" -#: src/monitor/monitor.c:2514 -msgid "SSSD is already running\n" -msgstr "SSSD вже запущено\n" +#~ msgid "Identity provider" +#~ msgstr "Служба профілів" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 -msgid "Debug level" -msgstr "Рівень зневаджування" +#~ msgid "Authentication provider" +#~ msgstr "Служба розпізнавання" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 -msgid "Add debug timestamps" -msgstr "Додавати діагностичні часові позначки" +#~ msgid "Access control provider" +#~ msgstr "Служба керування доступом" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 -msgid "Show timestamps with microseconds" -msgstr "Показувати мікросекунди у часових позначках" +#~ msgid "Password change provider" +#~ msgstr "Служба зміни паролів" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 -msgid "An open file descriptor for the debug logs" -msgstr "Дескриптор відкритого файла для запису журналів діагностики" +#~ msgid "SUDO provider" +#~ msgstr "Служба SUDO" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 -msgid "Send the debug output to stderr directly." -msgstr "Надіслати діагностичну інформацію безпосередньо до stderr." +#~ msgid "Autofs provider" +#~ msgstr "Служба автоматизації файлових систем" -#: src/providers/krb5/krb5_child.c:3245 -msgid "The user to create FAST ccache as" -msgstr "Користувач, від імені якого слід створити ccache FAST" +#~ msgid "Host identity provider" +#~ msgstr "Служба профілів вузлів" -#: src/providers/krb5/krb5_child.c:3247 -msgid "The group to create FAST ccache as" -msgstr "Група, від імені якої слід створити ccache FAST" +#~ msgid "SELinux provider" +#~ msgstr "Надавач даних SELinux" + +#~ msgid "Session management provider" +#~ msgstr "Засіб керування сеансами" + +#~ msgid "Whether the domain is usable by the OS or by applications" +#~ msgstr "" +#~ "Визначає, чи можна використовувати домен у операційній системі або у " +#~ "програмах" -#: src/providers/krb5/krb5_child.c:3249 -msgid "Kerberos realm to use" -msgstr "Область Kerberos, якою слід скористатися" +#~ msgid "Minimum user ID" +#~ msgstr "Мін. ідентифікатор користувача" -#: src/providers/krb5/krb5_child.c:3251 -msgid "Requested lifetime of the ticket" -msgstr "Запитаний строк дії квитка" +#~ msgid "Maximum user ID" +#~ msgstr "Макс. ідентифікатор користувача" -#: src/providers/krb5/krb5_child.c:3253 -msgid "Requested renewable lifetime of the ticket" -msgstr "Запитаний час оновлення строку дії квитка" +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "Увімкнути нумерацію всіх користувачів/груп" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "Кешувати реєстраційні дані для автономного входу" -#: src/providers/krb5/krb5_child.c:3255 -msgid "FAST options ('never', 'try', 'demand')" -msgstr "Параметри FAST ('never', 'try', 'demand')" +#~ msgid "Display users/groups in fully-qualified form" +#~ msgstr "Показувати записи користувачів/груп повністю" -#: src/providers/krb5/krb5_child.c:3258 -msgid "Specifies the server principal to use for FAST" -msgstr "" -"Визначає реєстраційний запис сервера, який слід використовувати для FAST" +#~ msgid "Don't include group members in group lookups" +#~ msgstr "Не включати учасників групи у пошуки групи" -#: src/providers/krb5/krb5_child.c:3260 -msgid "Requests canonicalization of the principal name" -msgstr "Вимагає перетворення реєстраційного запису у канонічну форму" +#~ msgid "Entry cache timeout length (seconds)" +#~ msgstr "Тривалість кешування записів (у секундах)" -#: src/providers/krb5/krb5_child.c:3262 -msgid "Use custom version of krb5_get_init_creds_password" -msgstr "Використовувати нетипову версію krb5_get_init_creds_password" +#~ msgid "" +#~ "Restrict or prefer a specific address family when performing DNS lookups" +#~ msgstr "" +#~ "Обмежити або надавати перевагу певному сімейству адрес під час виконання " +#~ "пошуків DNS" -#: src/providers/data_provider_be.c:711 -msgid "Domain of the information provider (mandatory)" -msgstr "Домен надання відомостей (обов’язковий)" +#~ msgid "How long to keep cached entries after last successful login (days)" +#~ msgstr "" +#~ "Тривалість зберігання кешованих записів після останнього успішного входу " +#~ "(у днях)" -#: src/sss_client/common.c:1079 -msgid "Privileged socket has wrong ownership or permissions." -msgstr "У привілейованого сокета помилковий власник або права доступу." +#~ msgid "" +#~ "How long should SSSD talk to single DNS server before trying next server " +#~ "(miliseconds)" +#~ msgstr "" +#~ "Гранична тривалість спроби обмінятися даними SSSD з окремим сервером DNS, " +#~ "перш ніж програма спробує наступний сервер (у мілісекундах)" -#: src/sss_client/common.c:1082 -msgid "Public socket has wrong ownership or permissions." -msgstr "У відкритого сокета помилковий власник або права доступу." +#~ msgid "How long should keep trying to resolve single DNS query (seconds)" +#~ msgstr "Гранична тривалість спроби обробки окремого запиту DNS (у секундах)" -#: src/sss_client/common.c:1085 -msgid "Unexpected format of the server credential message." -msgstr "Некоректний формат повідомлення щодо реєстраційних даних сервера." +#~ msgid "" +#~ "How long to wait for replies from DNS when resolving servers (seconds)" +#~ msgstr "" +#~ "Тривалість очікування на відповідь від DNS під час визначення адрес " +#~ "серверів (у секундах)" -#: src/sss_client/common.c:1088 -msgid "SSSD is not run by root." -msgstr "SSSD запущено не від імені користувача root." +#~ msgid "The domain part of service discovery DNS query" +#~ msgstr "Частина запиту щодо виявлення служби DNS, пов’язана з доменом" -#: src/sss_client/common.c:1091 -msgid "SSSD socket does not exist." -msgstr "Сокета SSSD не існує." +#~ msgid "Override GID value from the identity provider with this value" +#~ msgstr "" +#~ "Замінити значення ідентифікатора групи від надавача профілю цим значенням" -#: src/sss_client/common.c:1094 -msgid "Cannot get stat of SSSD socket." -msgstr "Не вдалося отримати статистику щодо сокета SSSD." +#~ msgid "Treat usernames as case sensitive" +#~ msgstr "Враховувати регістр у іменах користувачів" -#: src/sss_client/common.c:1099 -msgid "An error occurred, but no description can be found." -msgstr "Сталася помилка, але не вдалося знайти її опису." +#~ msgid "How often should expired entries be refreshed in background" +#~ msgstr "Наскільки часто має виконувати оновлення у тлі застарілих записів" -#: src/sss_client/common.c:1105 -msgid "Unexpected error while looking for an error description" -msgstr "Неочікувана помилка під час пошуку опису помилки" +#~ msgid "Whether to automatically update the client's DNS entry" +#~ msgstr "Визначає, чи слід автоматично оновлювати запис DNS клієнта" -#: src/sss_client/pam_sss.c:68 -msgid "Permission denied. " -msgstr "Відмовлено у доступі. " +#~ msgid "The TTL to apply to the client's DNS entry after updating it" +#~ msgstr "" +#~ "TTL, який слід застосовувати до запису DNS клієнта після його оновлення" -#: src/sss_client/pam_sss.c:69 src/sss_client/pam_sss.c:779 -#: src/sss_client/pam_sss.c:790 -msgid "Server message: " -msgstr "Повідомлення сервера: " +#~ msgid "The interface whose IP should be used for dynamic DNS updates" +#~ msgstr "" +#~ "Інтерфейс, чию адресу IP має бути використано для динамічних оновлень DNS" -#: src/sss_client/pam_sss.c:297 -msgid "Passwords do not match" -msgstr "Паролі не збігаються" +#~ msgid "How often to periodically update the client's DNS entry" +#~ msgstr "" +#~ "Визначає, наскільки часто слід періодично оновлювати запис DNS клієнта" -#: src/sss_client/pam_sss.c:485 -msgid "Password reset by root is not supported." -msgstr "Підтримки скидання пароля користувачем root не передбачено." +#~ msgid "Whether the provider should explicitly update the PTR record as well" +#~ msgstr "" +#~ "Визначає, чи слід надавачу даних також явним чином оновлювати запис PTR" -#: src/sss_client/pam_sss.c:526 -msgid "Authenticated with cached credentials" -msgstr "Розпізнано за реєстраційними даними з кешу" +#~ msgid "Whether the nsupdate utility should default to using TCP" +#~ msgstr "Визначає, чи слід програмі nsupdate типово використовувати TCP" -#: src/sss_client/pam_sss.c:527 -msgid ", your cached password will expire at: " -msgstr ", строк дії вашого кешованого пароля завершиться: " +#~ msgid "What kind of authentication should be used to perform the DNS update" +#~ msgstr "" +#~ "Визначає тип розпізнавання, який слід використовувати для виконання " +#~ "оновлення DNS" -#: src/sss_client/pam_sss.c:557 -#, c-format -msgid "Your password has expired. You have %1$d grace login(s) remaining." -msgstr "Строк дії вашого пароля вичерпано. Залишилося %1$d резервних входи." +#~ msgid "Override the DNS server used to perform the DNS update" +#~ msgstr "" +#~ "Перевизначити сервер DNS, який використовуватиметься для виконання " +#~ "оновлення DNS" -#: src/sss_client/pam_sss.c:603 -#, c-format -msgid "Your password will expire in %1$d %2$s." -msgstr "Строк дії вашого пароля завершиться за %1$d %2$s." +#~ msgid "Control enumeration of trusted domains" +#~ msgstr "Керувати нумерацією надійних доменів" -#: src/sss_client/pam_sss.c:652 -msgid "Authentication is denied until: " -msgstr "Розпізнавання заборонено до: " +#~ msgid "How often should subdomains list be refreshed" +#~ msgstr "Частота оновлення списку піддоменів" -#: src/sss_client/pam_sss.c:673 -msgid "System is offline, password change not possible" -msgstr "Система працює у автономному режимі, зміна пароля неможлива" +#~ msgid "List of options that should be inherited into a subdomain" +#~ msgstr "Список параметрів, які має бути успадковано у піддомені" -#: src/sss_client/pam_sss.c:688 -msgid "" -"After changing the OTP password, you need to log out and back in order to " -"acquire a ticket" -msgstr "" -"Після зміни пароля OTP вам слід вийти із системи і увійти до неї знову, щоб " -"отримати про квиток" +#~ msgid "Default subdomain homedir value" +#~ msgstr "Типове значення домашнього каталогу для піддоменів" -#: src/sss_client/pam_sss.c:776 src/sss_client/pam_sss.c:789 -msgid "Password change failed. " -msgstr "Спроба зміни пароля зазнала невдачі. " +#~ msgid "How long can cached credentials be used for cached authentication" +#~ msgstr "" +#~ "Строк, протягом якого кешовані реєстраційні дані може бути використано " +#~ "для розпізнавання за кешем" -#: src/sss_client/pam_sss.c:2008 -msgid "New Password: " -msgstr "Новий пароль: " +#~ msgid "Whether to automatically create private groups for users" +#~ msgstr "" +#~ "Визначає, чи слід автоматично створювати приватні групи для користувачів" -#: src/sss_client/pam_sss.c:2009 -msgid "Reenter new Password: " -msgstr "Ще раз введіть новий пароль: " +#~ msgid "IPA domain" +#~ msgstr "Домен IPA" -#: src/sss_client/pam_sss.c:2171 src/sss_client/pam_sss.c:2174 -msgid "First Factor: " -msgstr "Перший фактор:" +#~ msgid "IPA server address" +#~ msgstr "Адреса сервера IPA" -#: src/sss_client/pam_sss.c:2172 src/sss_client/pam_sss.c:2343 -msgid "Second Factor (optional): " -msgstr "Другий фактор (необов'язковий): " +#~ msgid "Address of backup IPA server" +#~ msgstr "Адреса резервного сервера IPA" -#: src/sss_client/pam_sss.c:2175 src/sss_client/pam_sss.c:2346 -msgid "Second Factor: " -msgstr "Другий фактор:" +#~ msgid "IPA client hostname" +#~ msgstr "Назва вузла клієнта IPA" -#: src/sss_client/pam_sss.c:2190 -msgid "Password: " -msgstr "Пароль: " +#~ msgid "Whether to automatically update the client's DNS entry in FreeIPA" +#~ msgstr "" +#~ "Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у " +#~ "FreeIPA" -#: src/sss_client/pam_sss.c:2342 src/sss_client/pam_sss.c:2345 -msgid "First Factor (Current Password): " -msgstr "Перший фактор (поточний пароль): " +#~ msgid "Search base for HBAC related objects" +#~ msgstr "Шукати у базі об’єкти, пов’язані з HBAC" -#: src/sss_client/pam_sss.c:2349 -msgid "Current Password: " -msgstr "Поточний пароль: " +#~ msgid "" +#~ "The amount of time between lookups of the HBAC rules against the IPA " +#~ "server" +#~ msgstr "" +#~ "Інтервал часу між послідовними сеансами пошуку правил HBAC на сервері IPA" -#: src/sss_client/pam_sss.c:2704 -msgid "Password expired. Change your password now." -msgstr "Строк дії пароля вичерпано. Змініть ваш пароль." +#~ msgid "" +#~ "The amount of time in seconds between lookups of the SELinux maps against " +#~ "the IPA server" +#~ msgstr "Час, у секундах, між пошуками у картах SELinux на сервері IPA" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:186 src/tools/sss_useradd.c:48 -#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 -#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 -#: src/tools/sss_userdel.c:136 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:719 -msgid "The debug level to run with" -msgstr "Рівень діагностики під час запуску" +#~ msgid "If set to false, host argument given by PAM will be ignored" +#~ msgstr "" +#~ "Якщо встановлено значення «false», аргумент вузла, наданий PAM, буде " +#~ "проігноровано" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:190 -msgid "The SSSD domain to use" -msgstr "Домен SSSD, який слід використовувати" +#~ msgid "The automounter location this IPA client is using" +#~ msgstr "Адреса автоматичного монтування, яку використовує цей клієнт IPA" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:74 -#: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 -#: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 -#: src/tools/sss_userdel.c:154 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:765 -msgid "Error setting the locale\n" -msgstr "Помилка під час спроби встановити локаль\n" +#~ msgid "Search base for object containing info about IPA domain" +#~ msgstr "Шукати у базі об’єкт, що містить дані щодо домену IPA" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 -msgid "Not enough memory\n" -msgstr "Недостатньо пам’яті\n" +#~ msgid "Search base for objects containing info about ID ranges" +#~ msgstr "" +#~ "Шукати у базі об’єкти, що містять дані щодо діапазонів ідентифікаторів" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 -msgid "User not specified\n" -msgstr "Не вказано користувача\n" +#~ msgid "Enable DNS sites - location based service discovery" +#~ msgstr "Увімкнути сайти DNS — визначення служб на основі адрес" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:97 -msgid "Error looking up public keys\n" -msgstr "Помилка під час спроби пошуку відкритих ключів\n" +#~ msgid "Search base for view containers" +#~ msgstr "Шукати у базі контейнери перегляду" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:188 -msgid "The port to use to connect to the host" -msgstr "Порт, яким слід користуватися для встановлення з’єднань з вузлом" +#~ msgid "Objectclass for view containers" +#~ msgstr "Клас об’єктів для контейнерів перегляду" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 -msgid "Print the host ssh public keys" -msgstr "Вивести відкриті ключі SSH вузла" +#~ msgid "Attribute with the name of the view" +#~ msgstr "Атрибут із назвою перегляду" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:234 -msgid "Invalid port\n" -msgstr "Некоректний порт.\n" +#~ msgid "Objectclass for override objects" +#~ msgstr "Клас об’єктів для об’єктів перевизначення" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:239 -msgid "Host not specified\n" -msgstr "Не вказано вузол\n" +#~ msgid "Attribute with the reference to the original object" +#~ msgstr "Атрибут із посиланням на початковий об’єкт" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:245 -msgid "The path to the proxy command must be absolute\n" -msgstr "Має бути вказано абсолютний шлях до команди проксі-сервера\n" +#~ msgid "Objectclass for user override objects" +#~ msgstr "Клас об’єктів для об’єктів перевизначення користувачів" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:324 -#, c-format -msgid "sss_ssh_knownhostsproxy: Could not resolve hostname %s\n" -msgstr "sss_ssh_knownhostsproxy: не вдалося визначити назву вузла %s\n" +#~ msgid "Objectclass for group override objects" +#~ msgstr "Клас об’єктів для об’єктів перевизначення груп" + +#~ msgid "Search base for Desktop Profile related objects" +#~ msgstr "Шукати у базі пов'язані і профілями станцій об'єкти" -#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48 -msgid "The UID of the user" -msgstr "Ідентифікатор користувача" +#~ msgid "" +#~ "The amount of time in seconds between lookups of the Desktop Profile " +#~ "rules against the IPA server" +#~ msgstr "" +#~ "Час, у секундах, між пошуками у правилах профілів станцій на сервері IPA" -#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50 -msgid "The comment string" -msgstr "Рядок коментаря" +#~ msgid "" +#~ "The amount of time in minutes between lookups of Desktop Profiles rules " +#~ "against the IPA server when the last request did not find any rule" +#~ msgstr "" +#~ "Час, у хвилинах, між пошуками у правилах профілів станцій на сервері IPA, " +#~ "якщо під час останнього запиту не було знайдено жодного правила" -#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51 -msgid "Home directory" -msgstr "Домашній каталог" +#~ msgid "Active Directory domain" +#~ msgstr "Домен Active Directory" -#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52 -msgid "Login shell" -msgstr "Оболонка входу" +#~ msgid "Enabled Active Directory domains" +#~ msgstr "Увімкнені домени Active Directory" -#: src/tools/sss_useradd.c:53 -msgid "Groups" -msgstr "Групи" +#~ msgid "Active Directory server address" +#~ msgstr "Адреса сервера Active Directory" -#: src/tools/sss_useradd.c:54 -msgid "Create user's directory if it does not exist" -msgstr "Створити каталог користувача, якщо його ще не існує" +#~ msgid "Active Directory backup server address" +#~ msgstr "Адреса резервного сервера Active Directory" -#: src/tools/sss_useradd.c:55 -msgid "Never create user's directory, overrides config" -msgstr "Ніколи не створювати каталог користувача, перевизначає налаштування" +#~ msgid "Active Directory client hostname" +#~ msgstr "Назва клієнтського вузла Active Directory" -#: src/tools/sss_useradd.c:56 -msgid "Specify an alternative skeleton directory" -msgstr "Вказати альтернативний основний каталог" +#~ msgid "LDAP filter to determine access privileges" +#~ msgstr "Фільтр LDAP для визначення прав доступу" -#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:60 -msgid "The SELinux user for user's login" -msgstr "Ім’я користувача SELinux для входу до системи" +#~ msgid "Whether to use the Global Catalog for lookups" +#~ msgstr "Чи слід використовувати загальний каталог для пошуку" -#: src/tools/sss_useradd.c:87 src/tools/sss_groupmod.c:79 -#: src/tools/sss_usermod.c:92 -msgid "Specify group to add to\n" -msgstr "Вкажіть групу для додавання\n" +#~ msgid "Operation mode for GPO-based access control" +#~ msgstr "Режим роботи для керування доступом на основі GPO" -#: src/tools/sss_useradd.c:111 -msgid "Specify user to add\n" -msgstr "Вкажіть користувача, запис якого слід додати\n" +#~ msgid "" +#~ "The amount of time between lookups of the GPO policy files against the AD " +#~ "server" +#~ msgstr "" +#~ "Інтервал часу між послідовними сеансами пошуку правил GPO на сервері AD" -#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86 -#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113 -#: src/tools/sss_groupshow.c:714 src/tools/sss_userdel.c:200 -#: src/tools/sss_usermod.c:162 -msgid "Error initializing the tools - no local domain\n" -msgstr "Помилка ініціалізації інструментів: немає локального домену\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " +#~ "(Deny)InteractiveLogonRight" -#: src/tools/sss_useradd.c:123 src/tools/sss_groupadd.c:88 -#: src/tools/sss_groupdel.c:82 src/tools/sss_groupmod.c:115 -#: src/tools/sss_groupshow.c:716 src/tools/sss_userdel.c:202 -#: src/tools/sss_usermod.c:164 -msgid "Error initializing the tools\n" -msgstr "Помилка ініціалізації інструментів\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " +#~ "policy settings" +#~ msgstr "" +#~ "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " +#~ "(Deny)RemoteInteractiveLogonRight" -#: src/tools/sss_useradd.c:132 src/tools/sss_groupadd.c:97 -#: src/tools/sss_groupdel.c:91 src/tools/sss_groupmod.c:123 -#: src/tools/sss_groupshow.c:725 src/tools/sss_userdel.c:211 -#: src/tools/sss_usermod.c:173 -msgid "Invalid domain specified in FQDN\n" -msgstr "У FQDN вказано некоректний домен\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)NetworkLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " +#~ "(Deny)NetworkLogonRight" -#: src/tools/sss_useradd.c:142 src/tools/sss_groupmod.c:144 -#: src/tools/sss_groupmod.c:173 src/tools/sss_usermod.c:197 -#: src/tools/sss_usermod.c:226 -msgid "Internal error while parsing parameters\n" -msgstr "Внутрішня помилка під час обробки параметрів\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)BatchLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " +#~ "(Deny)BatchLogonRight" -#: src/tools/sss_useradd.c:151 src/tools/sss_usermod.c:206 -#: src/tools/sss_usermod.c:235 -msgid "Groups must be in the same domain as user\n" -msgstr "Групи мають належати до того самого домену, що і користувач\n" +#~ msgid "" +#~ "PAM service names that map to the GPO (Deny)ServiceLogonRight policy " +#~ "settings" +#~ msgstr "" +#~ "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " +#~ "(Deny)ServiceLogonRight" -#: src/tools/sss_useradd.c:159 -#, c-format -msgid "Cannot find group %1$s in local domain\n" -msgstr "Не вдалося знайти групу %1$s у локальному домені\n" +#~ msgid "PAM service names for which GPO-based access is always granted" +#~ msgstr "Назви служб PAM, яким завжди надається доступ на основі GPO" -#: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:221 -msgid "Cannot set default values\n" -msgstr "Не вдалося встановити типові значення\n" +#~ msgid "PAM service names for which GPO-based access is always denied" +#~ msgstr "Назви служб PAM, яким ніколи не надається доступ на основі GPO" -#: src/tools/sss_useradd.c:181 src/tools/sss_usermod.c:187 -msgid "The selected UID is outside the allowed range\n" -msgstr "" -"Вибраний ідентифікатор користувача не належить до діапазону дозволених\n" +#~ msgid "" +#~ "Default logon right (or permit/deny) to use for unmapped PAM service names" +#~ msgstr "" +#~ "Типове правило входу (або допуск/заборона), яким слід користуватися для " +#~ "неприв’язаних назв служб PAM" -#: src/tools/sss_useradd.c:210 src/tools/sss_usermod.c:305 -msgid "Cannot set SELinux login context\n" -msgstr "Не вдалося встановити контекст входу SELinux\n" +#~ msgid "a particular site to be used by the client" +#~ msgstr "певний сайт, який слід використовувати клієнту" -#: src/tools/sss_useradd.c:224 -msgid "Cannot get info about the user\n" -msgstr "Не вдалося отримати відомості щодо користувача\n" +#~ msgid "" +#~ "Maximum age in days before the machine account password should be renewed" +#~ msgstr "" +#~ "Максимальний вік пароля облікового запису комп'ютера, при досягненні " +#~ "якого пароль має бути оновлено" -#: src/tools/sss_useradd.c:236 -msgid "User's home directory already exists, not copying data from skeldir\n" -msgstr "" -"Домашній каталог користувача вже існує, копіювання даних з каталогу skel не " -"виконуватиметься\n" +#~ msgid "Option for tuning the machine account renewal task" +#~ msgstr "" +#~ "Параметр налаштовування завдання оновлення облікових записів комп’ютерів" -#: src/tools/sss_useradd.c:239 -#, c-format -msgid "Cannot create user's home directory: %1$s\n" -msgstr "Не вдалося створити домашній каталог користувача: %1$s\n" +#~ msgid "Kerberos server address" +#~ msgstr "Адреса сервера Kerberos" -#: src/tools/sss_useradd.c:250 -#, c-format -msgid "Cannot create user's mail spool: %1$s\n" -msgstr "Не вдалося створити поштовий буфер користувача: %1$s\n" +#~ msgid "Kerberos backup server address" +#~ msgstr "Адреса резервного сервера Kerberos" -#: src/tools/sss_useradd.c:270 -msgid "Could not allocate ID for the user - domain full?\n" -msgstr "" -"Не вдалося отримати ідентифікатор для користувача. Домен переповнено?\n" +#~ msgid "Kerberos realm" +#~ msgstr "Область Kerberos" -#: src/tools/sss_useradd.c:274 -msgid "A user or group with the same name or ID already exists\n" -msgstr "" -"Вже існує користувач або група з таким самим іменем, назвою або " -"ідентифікатором\n" +#~ msgid "Authentication timeout" +#~ msgstr "Час очікування на розпізнавання" -#: src/tools/sss_useradd.c:280 -msgid "Transaction error. Could not add user.\n" -msgstr "Помилка під час виконання операції. Не вдалося додати користувача.\n" +#~ msgid "Whether to create kdcinfo files" +#~ msgstr "Визначає, чи слід створювати файли kdcinfo" -#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48 -msgid "The GID of the group" -msgstr "Ідентифікатор групи" +#~ msgid "Where to drop krb5 config snippets" +#~ msgstr "Місце, куди слід скидати фрагменти налаштувань krb5" -#: src/tools/sss_groupadd.c:76 -msgid "Specify group to add\n" -msgstr "Вкажіть групу, яку слід додати\n" +#~ msgid "Directory to store credential caches" +#~ msgstr "Каталог, де зберігатиметься кеш реєстраційних даних" -#: src/tools/sss_groupadd.c:106 src/tools/sss_groupmod.c:198 -msgid "The selected GID is outside the allowed range\n" -msgstr "Вибраний ідентифікатор групи не належить до діапазону дозволених\n" +#~ msgid "Location of the user's credential cache" +#~ msgstr "Адреса кешу реєстраційних даних користувача" -#: src/tools/sss_groupadd.c:143 -msgid "Could not allocate ID for the group - domain full?\n" -msgstr "Не вдалося отримати ідентифікатор для групи. Домен переповнено?\n" +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "Адреса таблиці ключів для перевірки реєстраційних даних" -#: src/tools/sss_groupadd.c:147 -msgid "A group with the same name or GID already exists\n" -msgstr "Вже існує група з такою самою назвою або ідентифікатором\n" +#~ msgid "Enable credential validation" +#~ msgstr "Увімкнути перевірку реєстраційних даних" -#: src/tools/sss_groupadd.c:153 -msgid "Transaction error. Could not add group.\n" -msgstr "Помилка під час виконання операції Не вдалося додати групу.\n" +#~ msgid "Store password if offline for later online authentication" +#~ msgstr "Зберігати пароль у автономному режимі для розпізнавання у мережі" -#: src/tools/sss_groupdel.c:70 -msgid "Specify group to delete\n" -msgstr "Вкажіть групу, яку слід вилучити\n" +#~ msgid "Renewable lifetime of the TGT" +#~ msgstr "Поновлюваний строк дії TGT" -#: src/tools/sss_groupdel.c:104 -#, c-format -msgid "Group %1$s is outside the defined ID range for domain\n" -msgstr "Група %1$s не належить визначеному діапазону ідентифікаторів домену\n" +#~ msgid "Lifetime of the TGT" +#~ msgstr "Строк дії TGT" -#: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 -#: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 -#: src/tools/sss_userdel.c:297 src/tools/sss_usermod.c:282 -#: src/tools/sss_usermod.c:289 src/tools/sss_usermod.c:296 -#, c-format -msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" -msgstr "" -"Спроба запиту NSS зазнала невдачі (%1$d). Запис може залишитися у кеші у " -"пам’яті.\n" +#~ msgid "Time between two checks for renewal" +#~ msgstr "Граничний час між двома перевірками для поновлення" -#: src/tools/sss_groupdel.c:132 -msgid "" -"No such group in local domain. Removing groups only allowed in local " -"domain.\n" -msgstr "" -"У локальному домені немає такої групи. Вилучення груп можливе лише у межах " -"локального домену.\n" +#~ msgid "Enables FAST" +#~ msgstr "Вмикає FAST" -#: src/tools/sss_groupdel.c:137 -msgid "Internal error. Could not remove group.\n" -msgstr "Внутрішня помилка. Не вдалося вилучити запис групи.\n" +#~ msgid "Selects the principal to use for FAST" +#~ msgstr "Визначає реєстраційний запис, який слід використовувати для FAST" -#: src/tools/sss_groupmod.c:44 -msgid "Groups to add this group to" -msgstr "Групи, до яких слід додати цю групу" +#~ msgid "Enables principal canonicalization" +#~ msgstr "Вмикає перетворення реєстраційних записів у канонічну форму" -#: src/tools/sss_groupmod.c:46 -msgid "Groups to remove this group from" -msgstr "Групи, з яких слід вилучити цю групу" +#~ msgid "Enables enterprise principals" +#~ msgstr "Увімкнути промислові реєстраційні дані" -#: src/tools/sss_groupmod.c:87 src/tools/sss_usermod.c:100 -msgid "Specify group to remove from\n" -msgstr "Вкажіть групу, запис якої слід вилучити\n" +#~ msgid "A mapping from user names to Kerberos principal names" +#~ msgstr "Прив’язка імен користувачів до основних імен Kerberos" -#: src/tools/sss_groupmod.c:101 -msgid "Specify group to modify\n" -msgstr "Вкажіть групу, запис якої слід змінити\n" +#~ msgid "" +#~ "Server where the change password service is running if not on the KDC" +#~ msgstr "" +#~ "Сервер, на якому запущено службу зміни паролів, якщо такий не вдасться " +#~ "виявити у KDC" -#: src/tools/sss_groupmod.c:130 -msgid "" -"Cannot find group in local domain, modifying groups is allowed only in local " -"domain\n" -msgstr "" -"Не вдалося знайти групу у локальному домені. Зміну записів груп можна " -"виконувати лише у межах локального домену\n" +#~ msgid "ldap_uri, The URI of the LDAP server" +#~ msgstr "ldap_uri, адреса URI сервера LDAP" -#: src/tools/sss_groupmod.c:153 src/tools/sss_groupmod.c:182 -msgid "Member groups must be in the same domain as parent group\n" -msgstr "" -"Групи-учасники мають належати до того самого домену, що і основна група\n" +#~ msgid "ldap_backup_uri, The URI of the LDAP server" +#~ msgstr "ldap_backup_uri, адреса сервера LDAP" -#: src/tools/sss_groupmod.c:161 src/tools/sss_groupmod.c:190 -#: src/tools/sss_usermod.c:214 src/tools/sss_usermod.c:243 -#, c-format -msgid "" -"Cannot find group %1$s in local domain, only groups in local domain are " -"allowed\n" -msgstr "" -"Не вдалося знайти групу %1$s у локальному домені, можна використовувати лише " -"групи з локального домену\n" +#~ msgid "The default base DN" +#~ msgstr "Типова базова назва домену" -#: src/tools/sss_groupmod.c:257 -msgid "Could not modify group - check if member group names are correct\n" -msgstr "" -"Не вдалося змінити запис групи. Перевірте, чи правильно вказано назви груп-" -"учасників\n" +#~ msgid "The Schema Type in use on the LDAP server, rfc2307" +#~ msgstr "Тип схеми, використаний на сервері LDAP, rfc2307" -#: src/tools/sss_groupmod.c:261 -msgid "Could not modify group - check if groupname is correct\n" -msgstr "" -"Не вдалося змінити запис групи. Перевірте, чи правильно вказано назву групи\n" +#~ msgid "Mode used to change user password" +#~ msgstr "Режим для зміни пароля користувача" -#: src/tools/sss_groupmod.c:265 -msgid "Transaction error. Could not modify group.\n" -msgstr "Помилка під час виконання операції Не вдалося змінити групу.\n" +#~ msgid "The default bind DN" +#~ msgstr "Типова назва домену прив’язки" -#: src/tools/sss_groupshow.c:616 -msgid "Magic Private " -msgstr "Магічна приватна " +#~ msgid "The type of the authentication token of the default bind DN" +#~ msgstr "Тип розпізнавання для типової назви сервера прив’язки" -#: src/tools/sss_groupshow.c:615 -#, c-format -msgid "%1$s%2$sGroup: %3$s\n" -msgstr "%1$s%2$sГрупа: %3$s\n" +#~ msgid "The authentication token of the default bind DN" +#~ msgstr "Лексема розпізнавання типової назви сервера прив’язки" -#: src/tools/sss_groupshow.c:618 -#, c-format -msgid "%1$sGID number: %2$d\n" -msgstr "%1$sНомер GID: %2$d\n" +#~ msgid "Length of time to attempt connection" +#~ msgstr "Проміжок часу між спробами встановлення з’єднання" -#: src/tools/sss_groupshow.c:620 -#, c-format -msgid "%1$sMember users: " -msgstr "%1$sКористувачі-учасники: " +#~ msgid "Length of time to attempt synchronous LDAP operations" +#~ msgstr "Проміжок часу між спробами виконання синхронних операцій LDAP" -#: src/tools/sss_groupshow.c:627 -#, c-format -msgid "" -"\n" -"%1$sIs a member of: " -msgstr "" -"\n" -"%1$sє учасником: " +#~ msgid "Length of time between attempts to reconnect while offline" +#~ msgstr "" +#~ "Проміжок часу між повторними спробами встановлення з’єднання у " +#~ "автономному режимі" -#: src/tools/sss_groupshow.c:634 -#, c-format -msgid "" -"\n" -"%1$sMember groups: " -msgstr "" -"\n" -"%1$sГрупи-учасники: " +#~ msgid "Use only the upper case for realm names" +#~ msgstr "Використовувати для назв областей лише великі літери" -#: src/tools/sss_groupshow.c:670 -msgid "Print indirect group members recursively" -msgstr "Виводити дані щодо непрямих учасників групи рекурсивно" +#~ msgid "File that contains CA certificates" +#~ msgstr "Файл, що містить сертифікати CA" -#: src/tools/sss_groupshow.c:704 -msgid "Specify group to show\n" -msgstr "Вкажіть групу, дані якої слід показати\n" +#~ msgid "Path to CA certificate directory" +#~ msgstr "Шлях до каталогу сертифікатів CA" -#: src/tools/sss_groupshow.c:744 -msgid "" -"No such group in local domain. Printing groups only allowed in local " -"domain.\n" -msgstr "" -"У локальному домені немає такої групи. Вивід даних груп можливий лише у " -"межах локального домену.\n" +#~ msgid "File that contains the client certificate" +#~ msgstr "Файл, що містить клієнтський сертифікат" -#: src/tools/sss_groupshow.c:749 -msgid "Internal error. Could not print group.\n" -msgstr "Внутрішня помилка. Не вдалося вивести дані групи.\n" +#~ msgid "File that contains the client key" +#~ msgstr "Файл, що містить клієнтський ключ" -#: src/tools/sss_userdel.c:138 -msgid "Remove home directory and mail spool" -msgstr "Вилучити домашній каталог і поштовий буфер" +#~ msgid "List of possible ciphers suites" +#~ msgstr "Показати список можливих інструментів шифрування" -#: src/tools/sss_userdel.c:140 -msgid "Do not remove home directory and mail spool" -msgstr "Не вилучати домашній каталог і поштовий буфер" +#~ msgid "Require TLS certificate verification" +#~ msgstr "Потрібна перевірка сертифіката TLS" -#: src/tools/sss_userdel.c:142 -msgid "Force removal of files not owned by the user" -msgstr "Примусово вилучити файли, які не належать користувачеві" +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "Вкажіть механізм SASL, який слід використовувати" -#: src/tools/sss_userdel.c:144 -msgid "Kill users' processes before removing him" -msgstr "Припинити роботу процесів користувача перед вилученням його запису" +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "Вкажіть ідентифікатор уповноваження SASL, який слід використовувати" -#: src/tools/sss_userdel.c:190 -msgid "Specify user to delete\n" -msgstr "Вкажіть користувача, запис якого слід вилучити\n" +#~ msgid "Specify the sasl authorization realm to use" +#~ msgstr "Вкажіть область уповноваження SASL, яку слід використовувати" -#: src/tools/sss_userdel.c:236 -#, c-format -msgid "User %1$s is outside the defined ID range for domain\n" -msgstr "" -"Користувач %1$s не належить визначеному діапазону ідентифікаторів домену\n" +#~ msgid "Specify the minimal SSF for LDAP sasl authorization" +#~ msgstr "" +#~ "Вказати мінімальне значення SSF для розпізнавання на LDAP за допомогою " +#~ "sasl" -#: src/tools/sss_userdel.c:261 -msgid "Cannot reset SELinux login context\n" -msgstr "Не вдалося відновити початковий контекст входу SELinux\n" +#~ msgid "Kerberos service keytab" +#~ msgstr "Таблиця ключів служби Kerberos" -#: src/tools/sss_userdel.c:273 -#, c-format -msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" -msgstr "" -"ПОПЕРЕДЖЕННЯ: користувач (uid %1$lu) все ще працював у системі на час " -"вилучення його запису.\n" +#~ msgid "Use Kerberos auth for LDAP connection" +#~ msgstr "Розпізнавання Kerberos для з’єднання LDAP" -#: src/tools/sss_userdel.c:278 -msgid "Cannot determine if the user was logged in on this platform" -msgstr "" -"Не вдалося визначити, чи увійшов користувач до системи на цій платформі" +#~ msgid "Follow LDAP referrals" +#~ msgstr "Переходити за посиланнями LDAP" -#: src/tools/sss_userdel.c:283 -msgid "Error while checking if the user was logged in\n" -msgstr "Помилка під час перевірки входу користувача до системи\n" +#~ msgid "Lifetime of TGT for LDAP connection" +#~ msgstr "Строк дії TGT для з’єднання LDAP" -#: src/tools/sss_userdel.c:290 -#, c-format -msgid "The post-delete command failed: %1$s\n" -msgstr "Помилка команди, яку слід було виконати після вилучення запису: %1$s\n" +#~ msgid "How to dereference aliases" +#~ msgstr "Спосіб розіменування псевдонімів" -#: src/tools/sss_userdel.c:310 -msgid "Not removing home dir - not owned by user\n" -msgstr "Домашній каталог не буде вилучено. Він не належить користувачеві.\n" +#~ msgid "Service name for DNS service lookups" +#~ msgstr "Назва служби для пошуків за допомогою служби DNS" -#: src/tools/sss_userdel.c:312 -#, c-format -msgid "Cannot remove homedir: %1$s\n" -msgstr "Не вдалося вилучити домашній каталог: %1$s\n" +#~ msgid "The number of records to retrieve in a single LDAP query" +#~ msgstr "" +#~ "Кількість записів, які слід отримувати у відповідь на один запит LDAP" -#: src/tools/sss_userdel.c:326 -msgid "" -"No such user in local domain. Removing users only allowed in local domain.\n" -msgstr "" -"У локальному домені немає такого користувача. Вилучення користувачів можливе " -"лише у межах локального домену.\n" +#~ msgid "The number of members that must be missing to trigger a full deref" +#~ msgstr "" +#~ "Кількість учасників, яких має не вистачати для вмикання повного " +#~ "скасування посилань" -#: src/tools/sss_userdel.c:331 -msgid "Internal error. Could not remove user.\n" -msgstr "Внутрішня помилка Не вдалося вилучити запис користувача.\n" +#~ msgid "" +#~ "Whether the LDAP library should perform a reverse lookup to canonicalize " +#~ "the host name during a SASL bind" +#~ msgstr "" +#~ "Визначає, чи має бібліотека LDAP виконувати зворотній пошук з метою " +#~ "переведення назв вузлів у канонічну форму під час прив’язки до SASL" -#: src/tools/sss_usermod.c:49 -msgid "The GID of the user" -msgstr "Ідентифікатор групи користувача" +#~ msgid "entryUSN attribute" +#~ msgstr "Атрибут entryUSN" -#: src/tools/sss_usermod.c:53 -msgid "Groups to add this user to" -msgstr "Групи, до яких слід додати цього користувача" +#~ msgid "lastUSN attribute" +#~ msgstr "Атрибут lastUSN" -#: src/tools/sss_usermod.c:54 -msgid "Groups to remove this user from" -msgstr "Групи, з яких слід вилучити цього користувача" +#~ msgid "" +#~ "How long to retain a connection to the LDAP server before disconnecting" +#~ msgstr "" +#~ "Тривалість підтримування з’єднання з сервером LDAP перед роз’єднанням" -#: src/tools/sss_usermod.c:55 -msgid "Lock the account" -msgstr "Заблокувати обліковий запис" +#~ msgid "Disable the LDAP paging control" +#~ msgstr "Вимкнути контроль сторінок у LDAP" -#: src/tools/sss_usermod.c:56 -msgid "Unlock the account" -msgstr "Розблокувати обліковий запис" +#~ msgid "Disable Active Directory range retrieval" +#~ msgstr "Вимкнути отримання діапазонів Active Directory" -#: src/tools/sss_usermod.c:57 -msgid "Add an attribute/value pair. The format is attrname=value." -msgstr "Додати пару атрибут-значення. Форматування: атрибут=значення." +#~ msgid "Length of time to wait for a search request" +#~ msgstr "Тривалість очікування на дані запиту пошуку" -#: src/tools/sss_usermod.c:58 -msgid "Delete an attribute/value pair. The format is attrname=value." -msgstr "Вилучити пару атрибут-значення. Форматування: атрибут=значення." +#~ msgid "Length of time to wait for a enumeration request" +#~ msgstr "Тривалість очікування на дані запиту щодо переліку" -#: src/tools/sss_usermod.c:59 -msgid "" -"Set an attribute to a name/value pair. The format is attrname=value. For " -"multi-valued attributes, the command replaces the values already present" -msgstr "" -"Встановити для вказаного за назвою атрибута значення. Форматування: " -"атрибут=значення. Для атрибутів з декількома значеннями команда призведе до " -"заміни поточних значень." +#~ msgid "Length of time between enumeration updates" +#~ msgstr "Проміжок часу між оновленнями нумерації" -#: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 -#: src/tools/sss_usermod.c:135 -msgid "Specify the attribute name/value pair(s)\n" -msgstr "Вказати пари атрибут-значення\n" +#~ msgid "Length of time between cache cleanups" +#~ msgstr "Проміжок часу між спорожненнями кешу" -#: src/tools/sss_usermod.c:152 -msgid "Specify user to modify\n" -msgstr "Вкажіть користувача, запис якого слід змінити\n" +#~ msgid "Require TLS for ID lookups" +#~ msgstr "Вимагати TLS для пошуків ідентифікаторів" -#: src/tools/sss_usermod.c:180 -msgid "" -"Cannot find user in local domain, modifying users is allowed only in local " -"domain\n" -msgstr "" -"Не вдалося знайти користувача у локальному домені. Зміну записів " -"користувачів можна виконувати лише у межах локального домену\n" +#~ msgid "Use ID-mapping of objectSID instead of pre-set IDs" +#~ msgstr "" +#~ "Використовувати відповідності ідентифікаторів objectSID замість " +#~ "попередньо встановлених ідентифікаторів" -#: src/tools/sss_usermod.c:322 -msgid "Could not modify user - check if group names are correct\n" -msgstr "" -"Не вдалося змінити запис користувача. Перевірте, чи правильно вказано назви " -"груп\n" +#~ msgid "Base DN for user lookups" +#~ msgstr "Базова назва домену для пошуків користувачів" -#: src/tools/sss_usermod.c:326 -msgid "Could not modify user - user already member of groups?\n" -msgstr "" -"Не вдалося змінити запис користувача. Користувач вже є учасником груп?\n" +#~ msgid "Scope of user lookups" +#~ msgstr "Діапазон пошуків користувачів" -#: src/tools/sss_usermod.c:330 -msgid "Transaction error. Could not modify user.\n" -msgstr "" -"Помилка під час виконання операції. Не вдалося змінити запис користувача.\n" +#~ msgid "Filter for user lookups" +#~ msgstr "Фільтр пошуку користувачів" -#: src/tools/sss_cache.c:245 -msgid "No cache object matched the specified search\n" -msgstr "Вказаному критерію пошуку не відповідає жоден об’єкт у кеші\n" +#~ msgid "Objectclass for users" +#~ msgstr "Клас об’єктів для користувачів" -#: src/tools/sss_cache.c:536 -#, c-format -msgid "Couldn't invalidate %1$s\n" -msgstr "Не вдалося скасувати чинність %1$s\n" +#~ msgid "Username attribute" +#~ msgstr "Атрибут імені користувача" -#: src/tools/sss_cache.c:543 -#, c-format -msgid "Couldn't invalidate %1$s %2$s\n" -msgstr "Не вдалося скасувати чинність %1$s %2$s\n" +#~ msgid "UID attribute" +#~ msgstr "Атрибут UID" -#: src/tools/sss_cache.c:721 -msgid "Invalidate all cached entries" -msgstr "Скасувати чинність усіх кешованих записів" +#~ msgid "Primary GID attribute" +#~ msgstr "Головний атрибут GID" -#: src/tools/sss_cache.c:723 -msgid "Invalidate particular user" -msgstr "Скасувати визначення певного користувача" +#~ msgid "GECOS attribute" +#~ msgstr "Атрибут GECOS" -#: src/tools/sss_cache.c:725 -msgid "Invalidate all users" -msgstr "Скасувати визначення всіх користувачів" +#~ msgid "Home directory attribute" +#~ msgstr "Атрибут домашнього каталогу" -#: src/tools/sss_cache.c:727 -msgid "Invalidate particular group" -msgstr "Скасувати визначення певної групи" +#~ msgid "Shell attribute" +#~ msgstr "Атрибут оболонки" -#: src/tools/sss_cache.c:729 -msgid "Invalidate all groups" -msgstr "Скасувати визначення всіх груп" +#~ msgid "UUID attribute" +#~ msgstr "Атрибут UUID" -#: src/tools/sss_cache.c:731 -msgid "Invalidate particular netgroup" -msgstr "Скасувати визначення певної мережевої групи" +#~ msgid "objectSID attribute" +#~ msgstr "Атрибут objectSID" -#: src/tools/sss_cache.c:733 -msgid "Invalidate all netgroups" -msgstr "Скасувати визначення всіх мережевих груп" +#~ msgid "Active Directory primary group attribute for ID-mapping" +#~ msgstr "" +#~ "Атрибут основної групи Active Directory для встановлення відповідності " +#~ "ідентифікатора" -#: src/tools/sss_cache.c:735 -msgid "Invalidate particular service" -msgstr "Скасувати визначення певної служби" +#~ msgid "User principal attribute (for Kerberos)" +#~ msgstr "Атрибут реєстраційного запису користувача (для Kerberos)" -#: src/tools/sss_cache.c:737 -msgid "Invalidate all services" -msgstr "Скасувати визначення всіх служб" +#~ msgid "Full Name" +#~ msgstr "Повне ім'я" -#: src/tools/sss_cache.c:740 -msgid "Invalidate particular autofs map" -msgstr "Скасувати визначення певну карту autofs" +#~ msgid "memberOf attribute" +#~ msgstr "Атрибут memberOf" -#: src/tools/sss_cache.c:742 -msgid "Invalidate all autofs maps" -msgstr "Скасувати визначення всіх карт autofs" +#~ msgid "Modification time attribute" +#~ msgstr "Атрибут часу зміни" -#: src/tools/sss_cache.c:746 -msgid "Invalidate particular SSH host" -msgstr "Скасувати чинність певного вузла SSH" +#~ msgid "shadowLastChange attribute" +#~ msgstr "Атрибут shadowLastChange" -#: src/tools/sss_cache.c:748 -msgid "Invalidate all SSH hosts" -msgstr "Скасувати чинність усіх вузлів SSH" +#~ msgid "shadowMin attribute" +#~ msgstr "Атрибут shadowMin" -#: src/tools/sss_cache.c:752 -msgid "Invalidate particular sudo rule" -msgstr "Скасувати чинність певного правила sudo" +#~ msgid "shadowMax attribute" +#~ msgstr "Атрибут shadowMax" -#: src/tools/sss_cache.c:754 -msgid "Invalidate all cached sudo rules" -msgstr "Скасувати чинність усіх кешованих правил sudo" +#~ msgid "shadowWarning attribute" +#~ msgstr "Атрибут shadowWarning" -#: src/tools/sss_cache.c:757 -msgid "Only invalidate entries from a particular domain" -msgstr "Скасувати визначення лише записів з певного домену" +#~ msgid "shadowInactive attribute" +#~ msgstr "Атрибут shadowInactive" -#: src/tools/sss_cache.c:811 -msgid "" -"Unexpected argument(s) provided, options that invalidate a single object " -"only accept a single provided argument.\n" -msgstr "" -"Надано неочікувані аргументи. Параметри, які скасовують чинність окремого " -"об'єкта вимагають лише одного наданого аргументу.\n" +#~ msgid "shadowExpire attribute" +#~ msgstr "Атрибут shadowExpire" -#: src/tools/sss_cache.c:821 -msgid "Please select at least one object to invalidate\n" -msgstr "" -"Будь ласка, виберіть принаймні один об’єкт для скасовування відповідності\n" +#~ msgid "shadowFlag attribute" +#~ msgstr "Атрибут shadowFlag" -#: src/tools/sss_cache.c:904 -#, c-format -msgid "" -"Could not open domain %1$s. If the domain is a subdomain (trusted domain), " -"use fully qualified name instead of --domain/-d parameter.\n" -msgstr "" -"Не вдалося відкрити домен %1$s. Якщо цей домен є піддоменом (довіреним " -"доменом), скористайтеся повною назвою замість параметра --domain/-d.\n" +#~ msgid "Attribute listing authorized PAM services" +#~ msgstr "Атрибути зі списком уповноважених служб PAM" -#: src/tools/sss_cache.c:909 -msgid "Could not open available domains\n" -msgstr "Не вдалося відкрити доступні домени\n" +#~ msgid "Attribute listing authorized server hosts" +#~ msgstr "Атрибути зі списком уповноважених серверних вузлів" -#: src/tools/tools_util.c:202 -#, c-format -msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" -msgstr "Здається, назва «%1$s» не є FQDN (встановлено «%2$s = TRUE»)\n" +#~ msgid "Attribute listing authorized server rhosts" +#~ msgstr "Атрибути зі списком уповноважених серверних r-вузлів" -#: src/tools/tools_util.c:309 -msgid "Out of memory\n" -msgstr "Не вистачає пам'яті\n" +#~ msgid "krbLastPwdChange attribute" +#~ msgstr "Атрибут krbLastPwdChange" -#: src/tools/tools_util.h:40 -#, c-format -msgid "%1$s must be run as root\n" -msgstr "%1$s слід запускати від імені користувача root\n" +#~ msgid "krbPasswordExpiration attribute" +#~ msgstr "Атрибут krbPasswordExpiration" -#: src/tools/sssctl/sssctl.c:35 -msgid "yes" -msgstr "так" +#~ msgid "Attribute indicating that server side password policies are active" +#~ msgstr "" +#~ "Атрибут, що відповідає за активізацію правил обробки паролів на боці " +#~ "сервера" -#: src/tools/sssctl/sssctl.c:37 -msgid "no" -msgstr "ні" +#~ msgid "accountExpires attribute of AD" +#~ msgstr "Атрибут accountExpires AD" -#: src/tools/sssctl/sssctl.c:39 -msgid "error" -msgstr "помилка" +#~ msgid "userAccountControl attribute of AD" +#~ msgstr "Атрибут userAccountControl AD" -#: src/tools/sssctl/sssctl.c:42 -msgid "Invalid result." -msgstr "Некоректний результат." +#~ msgid "nsAccountLock attribute" +#~ msgstr "Атрибут nsAccountLock" -#: src/tools/sssctl/sssctl.c:78 -msgid "Unable to read user input\n" -msgstr "Не вдалося прочитати вхідні дані користувача\n" +#~ msgid "loginDisabled attribute of NDS" +#~ msgstr "Атрибут loginDisabled NDS" -#: src/tools/sssctl/sssctl.c:91 -#, c-format -msgid "Invalid input, please provide either '%s' or '%s'.\n" -msgstr "Некоректні вхідні дані, будь ласка, вкажіть «%s» або «%s».\n" +#~ msgid "loginExpirationTime attribute of NDS" +#~ msgstr "Атрибут loginExpirationTime NDS" -#: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 -msgid "Error while executing external command\n" -msgstr "Помилка під час спроби виконати зовнішню команду\n" +#~ msgid "loginAllowedTimeMap attribute of NDS" +#~ msgstr "Атрибут loginAllowedTimeMap NDS" -#: src/tools/sssctl/sssctl.c:156 -msgid "SSSD needs to be running. Start SSSD now?" -msgstr "SSSD має бути запущено. Запустити SSSD зараз?" +#~ msgid "SSH public key attribute" +#~ msgstr "Атрибут відкритого ключа SSH" -#: src/tools/sssctl/sssctl.c:195 -msgid "SSSD must not be running. Stop SSSD now?" -msgstr "Роботу SSSD не завершено. Зупинити SSSD зараз?" +#~ msgid "attribute listing allowed authentication types for a user" +#~ msgstr "атрибут зі списком дозволених типів розпізнавання для користувача" -#: src/tools/sssctl/sssctl.c:231 -msgid "SSSD needs to be restarted. Restart SSSD now?" -msgstr "SSSD слід перезапустити. Перезапустити SSSD зараз?" +#~ msgid "attribute containing the X509 certificate of the user" +#~ msgstr "атрибут, що містить сертифікат X509 користувача" -#: src/tools/sssctl/sssctl_cache.c:31 -#, c-format -msgid " %s is not present in cache.\n" -msgstr " %s немає у кеші.\n" +#~ msgid "attribute containing the email address of the user" +#~ msgstr "атрибут, що містить адресу електронної пошти користувача" -#: src/tools/sssctl/sssctl_cache.c:33 -msgid "Name" -msgstr "Назва" +#~ msgid "A list of extra attributes to download along with the user entry" +#~ msgstr "" +#~ "Список додаткових атрибутів, які слід отримувати разом із записом " +#~ "користувача" -#: src/tools/sssctl/sssctl_cache.c:34 -msgid "Cache entry creation date" -msgstr "Дата створення запису у кеші" +#~ msgid "Base DN for group lookups" +#~ msgstr "Базова назва домену для пошуків груп" -#: src/tools/sssctl/sssctl_cache.c:35 -msgid "Cache entry last update time" -msgstr "Момент останнього оновлення запису у кеші" +#~ msgid "Objectclass for groups" +#~ msgstr "Клас об’єктів для груп" -#: src/tools/sssctl/sssctl_cache.c:36 -msgid "Cache entry expiration time" -msgstr "Час завершення строку дії запису у кеші" +#~ msgid "Group name" +#~ msgstr "Назва групи" -#: src/tools/sssctl/sssctl_cache.c:37 -msgid "Cached in InfoPipe" -msgstr "Кешовано в InfoPipe" +#~ msgid "Group password" +#~ msgstr "Пароль групи" -#: src/tools/sssctl/sssctl_cache.c:522 -#, c-format -msgid "Error: Unable to get object [%d]: %s\n" -msgstr "Помилка: не вдалося отримати об'єкт [%d]: %s\n" +#~ msgid "GID attribute" +#~ msgstr "Атрибут GID" -#: src/tools/sssctl/sssctl_cache.c:538 -#, c-format -msgid "%s: Unable to read value [%d]: %s\n" -msgstr "%s: не вдалося прочитати значення [%d]: %s\n" +#~ msgid "Group member attribute" +#~ msgstr "Атрибут членства у групі" -#: src/tools/sssctl/sssctl_cache.c:566 -msgid "Specify name." -msgstr "Вказати ім'я." +#~ msgid "Group UUID attribute" +#~ msgstr "Атрибут UUID групи" -#: src/tools/sssctl/sssctl_cache.c:576 -#, c-format -msgid "Unable to parse name %s.\n" -msgstr "Не вдалося обробити ім'я %s.\n" +#~ msgid "Modification time attribute for groups" +#~ msgstr "Атрибут часу зміни для груп" -#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 -msgid "Search by SID" -msgstr "Шукати за SID" +#~ msgid "Type of the group and other flags" +#~ msgstr "Тип групи та інші прапорці" -#: src/tools/sssctl/sssctl_cache.c:603 -msgid "Search by user ID" -msgstr "Шукати за ідентифікатором користувача" +#~ msgid "The LDAP group external member attribute" +#~ msgstr "Атрибут групи LDAP зовнішнього учасника" -#: src/tools/sssctl/sssctl_cache.c:612 -msgid "Initgroups expiration time" -msgstr "Час завершення строку дії груп ініціалізації" +#~ msgid "Maximum nesting level SSSD will follow" +#~ msgstr "Максимальний рівень вкладеності, який використовуватиме SSSD" -#: src/tools/sssctl/sssctl_cache.c:650 -msgid "Search by group ID" -msgstr "Шукати за ідентифікатором групи" +#~ msgid "Base DN for netgroup lookups" +#~ msgstr "Базова назва домену для пошуків груп у мережі" -#: src/tools/sssctl/sssctl_config.c:70 -#, fuzzy, c-format -msgid "Failed to open %s\n" -msgstr "Не вдалося обробити ім'я %s.\n" +#~ msgid "Objectclass for netgroups" +#~ msgstr "Клас об’єктів для груп у мережі" -#: src/tools/sssctl/sssctl_config.c:75 -#, fuzzy, c-format -msgid "File %1$s does not exist.\n" -msgstr "Сокета SSSD не існує." +#~ msgid "Netgroup name" +#~ msgstr "Назва мережевої групи" -#: src/tools/sssctl/sssctl_config.c:79 -msgid "" -"File ownership and permissions check failed. Expected root:root and 0600.\n" -msgstr "" -"Не вдалося виконати перевірку прав власності і доступу до файлів. Мало бути " -"root:root і 0600.\n" +#~ msgid "Netgroups members attribute" +#~ msgstr "Атрибут членства у групах у мережі" -#: src/tools/sssctl/sssctl_config.c:85 -#, c-format -msgid "Failed to load configuration configuration from %s.\n" -msgstr "" +#~ msgid "Netgroup triple attribute" +#~ msgstr "Атрибут трійки груп у мережі" -#: src/tools/sssctl/sssctl_config.c:91 -msgid "Error while reading configuration directory.\n" -msgstr "" +#~ msgid "Modification time attribute for netgroups" +#~ msgstr "Атрибут часу зміни для мережевих груп" -#: src/tools/sssctl/sssctl_config.c:99 -#, fuzzy -msgid "" -"There is no configuration. SSSD will use default configuration with files " -"provider.\n" -msgstr "" -"Файла %1$s не існує. SSSD використовуватиме типові налаштування для модуля " -"надання даних щодо файлів.\n" +#~ msgid "Base DN for service lookups" +#~ msgstr "Базова сервер назв домену для пошуку служб" -#: src/tools/sssctl/sssctl_config.c:111 -msgid "Failed to run validators" -msgstr "" +#~ msgid "Objectclass for services" +#~ msgstr "Клас об’єктів для служб" -#: src/tools/sssctl/sssctl_config.c:115 -#, c-format -msgid "Issues identified by validators: %zu\n" -msgstr "Вади, які виявлено засобами перевірки: %zu\n" +#~ msgid "Service name attribute" +#~ msgstr "Атрибут назви служби" -#: src/tools/sssctl/sssctl_config.c:126 -#, c-format -msgid "Messages generated during configuration merging: %zu\n" -msgstr "Повідомлення, створені під час об'єднування налаштувань: %zu\n" +#~ msgid "Service port attribute" +#~ msgstr "Атрибут порту служби" -#: src/tools/sssctl/sssctl_config.c:137 -#, fuzzy, c-format -msgid "Used configuration snippet files: %zu\n" -msgstr "Використані файли фрагментів налаштувань: %u\n" +#~ msgid "Service protocol attribute" +#~ msgstr "Атрибут протоколу служби" -#: src/tools/sssctl/sssctl_data.c:89 -#, c-format -msgid "Unable to create backup directory [%d]: %s" -msgstr "Не вдалося створити каталог резервної копії [%d]: %s" +#~ msgid "Lower bound for ID-mapping" +#~ msgstr "Нижня межа встановлення відповідності ідентифікатора" -#: src/tools/sssctl/sssctl_data.c:95 -msgid "SSSD backup of local data already exists, override?" -msgstr "" -"Резервна копія SSSD для локальних даних вже існує. Хочете її перезаписати?" +#~ msgid "Upper bound for ID-mapping" +#~ msgstr "Верхня межа встановлення відповідності ідентифікатора" -#: src/tools/sssctl/sssctl_data.c:111 -msgid "Unable to export user overrides\n" -msgstr "Не вдалося експортувати перевизначення користувача\n" +#~ msgid "Number of IDs for each slice when ID-mapping" +#~ msgstr "" +#~ "Кількість ідентифікаторів для кожного зрізу під час встановлення " +#~ "відповідності ідентифікаторів" -#: src/tools/sssctl/sssctl_data.c:118 -msgid "Unable to export group overrides\n" -msgstr "Не вдалося експортувати перевизначення групи\n" +#~ msgid "Use autorid-compatible algorithm for ID-mapping" +#~ msgstr "" +#~ "Використовувати для встановлення відповідності ідентифікаторів алгоритм, " +#~ "сумісний з autorid" -#: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 -msgid "Override existing backup" -msgstr "Перевизначити наявну резервну копію" +#~ msgid "Name of the default domain for ID-mapping" +#~ msgstr "" +#~ "Назва типового домену для встановлення відповідності ідентифікаторів" -#: src/tools/sssctl/sssctl_data.c:164 -msgid "Unable to import user overrides\n" -msgstr "Не вдалося імпортувати перевизначення користувача\n" +#~ msgid "SID of the default domain for ID-mapping" +#~ msgstr "SID типового домену для встановлення відповідності ідентифікаторів" -#: src/tools/sssctl/sssctl_data.c:173 -msgid "Unable to import group overrides\n" -msgstr "Не вдалося імпортувати перевизначення групи\n" +#~ msgid "Number of secondary slices" +#~ msgstr "Кількість вторинних зрізів" -#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 -#: src/tools/sssctl/sssctl_domains.c:328 -msgid "Start SSSD if it is not running" -msgstr "Запустити SSSD, якщо його ще не запущено" +#~ msgid "Whether to use Token-Groups" +#~ msgstr "Визначає, чи слід використовувати крупи реєстраційних записів" -#: src/tools/sssctl/sssctl_data.c:195 -msgid "Restart SSSD after data import" -msgstr "Перезапустити SSSD після імпортування даних" +#~ msgid "Set lower boundary for allowed IDs from the LDAP server" +#~ msgstr "" +#~ "Встановити нижню межу для дозволених ідентифікаторів із сервера LDAP" -#: src/tools/sssctl/sssctl_data.c:218 -msgid "Create clean cache files and import local data" -msgstr "Створити порожні файли кешу і імпортувати локальні дані" +#~ msgid "Set upper boundary for allowed IDs from the LDAP server" +#~ msgstr "" +#~ "Встановити верхню межу для дозволених ідентифікаторів із сервера LDAP" -#: src/tools/sssctl/sssctl_data.c:219 -msgid "Stop SSSD before removing the cache" -msgstr "Зупинка SSSD до вилучення кешу" +#~ msgid "DN for ppolicy queries" +#~ msgstr "DN для запитів щодо ppolicy" -#: src/tools/sssctl/sssctl_data.c:220 -msgid "Start SSSD when the cache is removed" -msgstr "Запуск SSSD після вилучення кешу" +#~ msgid "How many maximum entries to fetch during a wildcard request" +#~ msgstr "" +#~ "Максимальна кількість записів для отримання під час обробки запитів із " +#~ "замінниками" -#: src/tools/sssctl/sssctl_data.c:235 -msgid "Creating backup of local data...\n" -msgstr "Створюємо резервну копію локальних даних...\n" +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "Правила оцінки завершення строку дії пароля" -#: src/tools/sssctl/sssctl_data.c:238 -msgid "Unable to create backup of local data, can not remove the cache.\n" -msgstr "" -"Не вдалося створити резервну копію локальних даних, не вдалося вилучити " -"кеш.\n" +#~ msgid "Which attributes shall be used to evaluate if an account is expired" +#~ msgstr "" +#~ "Атрибути які слід використовувати для визначення чинності облікового " +#~ "запису" -#: src/tools/sssctl/sssctl_data.c:243 -msgid "Removing cache files...\n" -msgstr "Вилучаємо файли кешу...\n" +#~ msgid "Which rules should be used to evaluate access control" +#~ msgstr "" +#~ "Правила, які має бути використано для визначення достатності прав доступу" -#: src/tools/sssctl/sssctl_data.c:246 -msgid "Unable to remove cache files\n" -msgstr "Не вдалося вилучити файли кешу\n" +#~ msgid "URI of an LDAP server where password changes are allowed" +#~ msgstr "Адреса на сервері LDAP, для якої можливі зміни паролів" -#: src/tools/sssctl/sssctl_data.c:251 -msgid "Restoring local data...\n" -msgstr "Відновлюємо локальні дані...\n" +#~ msgid "URI of a backup LDAP server where password changes are allowed" +#~ msgstr "Адреса резервного сервера LDAP, для якої можливі зміни паролів" -#: src/tools/sssctl/sssctl_domains.c:83 -msgid "Show domain list including primary or trusted domain type" -msgstr "" -"Показати список доменів з включенням основних або довірених типів доменів" +#~ msgid "DNS service name for LDAP password change server" +#~ msgstr "Назва у службі DNS сервера зміни паролів LDAP" -#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:367 -#: src/tools/sssctl/sssctl_user_checks.c:95 -msgid "Unable to connect to system bus!\n" -msgstr "" -"Не вдалося встановити з'єднання із системним каналом передавання даних!\n" +#~ msgid "" +#~ "Whether to update the ldap_user_shadow_last_change attribute after a " +#~ "password change" +#~ msgstr "" +#~ "Визначає, чи слід оновлювати атрибут ldap_user_shadow_last_change після " +#~ "зміни пароля" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Online" -msgstr "У мережі" +#~ msgid "Base DN for sudo rules lookups" +#~ msgstr "Базова назва домену для пошуків правил sudo" -#: src/tools/sssctl/sssctl_domains.c:167 -msgid "Offline" -msgstr "Поза мережею" +#~ msgid "Automatic full refresh period" +#~ msgstr "Період автоматичного повного оновлення даних" -#: src/tools/sssctl/sssctl_domains.c:167 -#, c-format -msgid "Online status: %s\n" -msgstr "Стан з'єднання: %s\n" +#~ msgid "Automatic smart refresh period" +#~ msgstr "Період автоматичного кмітливого оновлення даних" -#: src/tools/sssctl/sssctl_domains.c:213 -#, fuzzy -msgid "This domain has no active servers.\n" -msgstr "Показати дані щодо активного сервера" +#~ msgid "Whether to filter rules by hostname, IP addresses and network" +#~ msgstr "" +#~ "Визначає, чи слід фільтрувати правила за назвами вузлів, IP-адресами та " +#~ "мережами" -#: src/tools/sssctl/sssctl_domains.c:218 -msgid "Active servers:\n" -msgstr "Активні сервери:\n" +#~ msgid "" +#~ "Hostnames and/or fully qualified domain names of this machine to filter " +#~ "sudo rules" +#~ msgstr "" +#~ "Назви вузлів і/або повні назви у домені для цього комп’ютера для " +#~ "фільтрування списку правил sudo" -#: src/tools/sssctl/sssctl_domains.c:230 -msgid "not connected" -msgstr "не з’єднано" +#~ msgid "" +#~ "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" +#~ msgstr "" +#~ "Адреси IPv4 або IPv6 чи мережа цього комп’ютера для фільтрування списку " +#~ "правил sudo" -#: src/tools/sssctl/sssctl_domains.c:267 -msgid "No servers discovered.\n" -msgstr "" +#~ msgid "Whether to include rules that contains netgroup in host attribute" +#~ msgstr "" +#~ "Визначає, чи слід включати правила, що містять мережеву групу у атрибуті " +#~ "вузла" -#: src/tools/sssctl/sssctl_domains.c:273 -#, c-format -msgid "Discovered %s servers:\n" -msgstr "Виявлено сервери %s:\n" +#~ msgid "" +#~ "Whether to include rules that contains regular expression in host " +#~ "attribute" +#~ msgstr "" +#~ "Визначає, чи слід включати правила, що містять формальний вираз у " +#~ "атрибуті вузла" -#: src/tools/sssctl/sssctl_domains.c:285 -msgid "None so far.\n" -msgstr "Поки немає.\n" +#~ msgid "Object class for sudo rules" +#~ msgstr "Клас об’єктів для правил sudo" -#: src/tools/sssctl/sssctl_domains.c:325 -msgid "Show online status" -msgstr "Показати стан з'єднання" +#~ msgid "Name of attribute that is used as object class for sudo rules" +#~ msgstr "Назва атрибута, який використано як клас об'єктів для правил sudo" -#: src/tools/sssctl/sssctl_domains.c:326 -msgid "Show information about active server" -msgstr "Показати дані щодо активного сервера" +#~ msgid "Sudo rule name" +#~ msgstr "Назва правила sudo" -#: src/tools/sssctl/sssctl_domains.c:327 -msgid "Show list of discovered servers" -msgstr "Показати список виявлених серверів" +#~ msgid "Sudo rule command attribute" +#~ msgstr "Атрибут команди правила sudo" -#: src/tools/sssctl/sssctl_domains.c:333 -msgid "Specify domain name." -msgstr "Вказати назву домену." +#~ msgid "Sudo rule host attribute" +#~ msgstr "Атрибут вузла правила sudo" -#: src/tools/sssctl/sssctl_domains.c:355 -msgid "Out of memory!\n" -msgstr "Не вистачає пам'яті\n" +#~ msgid "Sudo rule user attribute" +#~ msgstr "Атрибут користувача правила sudo" -#: src/tools/sssctl/sssctl_domains.c:375 src/tools/sssctl/sssctl_domains.c:385 -msgid "Unable to get online status\n" -msgstr "Не вдалося отримати стан з'єднання\n" +#~ msgid "Sudo rule option attribute" +#~ msgstr "Атрибут параметрів правила sudo" -#: src/tools/sssctl/sssctl_domains.c:395 -msgid "Unable to get server list\n" -msgstr "Не вдалося отримати список серверів\n" +#~ msgid "Sudo rule runas attribute" +#~ msgstr "Атрибут runas правила sudo" -#: src/tools/sssctl/sssctl_logs.c:47 -msgid "\n" -msgstr "\n" +#~ msgid "Sudo rule runasuser attribute" +#~ msgstr "" +#~ "Атрибут користувача, від імені якого виконуватиметься запуск, правила sudo" -#: src/tools/sssctl/sssctl_logs.c:237 -msgid "Delete log files instead of truncating" -msgstr "Вилучити файли журналу замість обрізання" +#~ msgid "Sudo rule runasgroup attribute" +#~ msgstr "Атрибут групи, від імені якої виконуватиметься запуск, правила sudo" -#: src/tools/sssctl/sssctl_logs.c:248 -msgid "Deleting log files...\n" -msgstr "Вилучаємо файли журналу...\n" +#~ msgid "Sudo rule notbefore attribute" +#~ msgstr "Атрибут граничного часу початку дії правила sudo" -#: src/tools/sssctl/sssctl_logs.c:251 -msgid "Unable to remove log files\n" -msgstr "Не вдалося вилучити файли журналу\n" +#~ msgid "Sudo rule notafter attribute" +#~ msgstr "Атрибут граничного часу завершення дії правила sudo" -#: src/tools/sssctl/sssctl_logs.c:257 -msgid "Truncating log files...\n" -msgstr "Обрізаємо файли журналу...\n" - -#: src/tools/sssctl/sssctl_logs.c:260 -msgid "Unable to truncate log files\n" -msgstr "Не вдалося обрізати файли журналу\n" - -#: src/tools/sssctl/sssctl_logs.c:286 -msgid "Out of memory!" -msgstr "Не вистачає пам'яті!" - -#: src/tools/sssctl/sssctl_logs.c:289 -#, c-format -msgid "Archiving log files into %s...\n" -msgstr "Архівуємо файли журналу до %s...\n" - -#: src/tools/sssctl/sssctl_logs.c:292 -msgid "Unable to archive log files\n" -msgstr "Не вдалося архівувати файли журналу\n" - -#: src/tools/sssctl/sssctl_logs.c:317 -msgid "Specify debug level you want to set" -msgstr "Вкажіть рівень діагностики, яким ви хочете скористатися" - -#: src/tools/sssctl/sssctl_user_checks.c:117 -msgid "SSSD InfoPipe user lookup result:\n" -msgstr "Результат пошуку користувача у InfoPipe SSSD:\n" - -#: src/tools/sssctl/sssctl_user_checks.c:167 -#, c-format -msgid "dlopen failed with [%s].\n" -msgstr "Помилка dlopen [%s].\n" - -#: src/tools/sssctl/sssctl_user_checks.c:174 -#, c-format -msgid "dlsym failed with [%s].\n" -msgstr "Помилка dlsym [%s].\n" - -#: src/tools/sssctl/sssctl_user_checks.c:182 -msgid "malloc failed.\n" -msgstr "Помилка malloc.\n" - -#: src/tools/sssctl/sssctl_user_checks.c:189 -#, c-format -msgid "sss_getpwnam_r failed with [%d].\n" -msgstr "помилка sss_getpwnam_r [%d].\n" - -#: src/tools/sssctl/sssctl_user_checks.c:194 -msgid "SSSD nss user lookup result:\n" -msgstr "Результат пошуку користувача у nss SSSD:\n" - -#: src/tools/sssctl/sssctl_user_checks.c:195 -#, c-format -msgid " - user name: %s\n" -msgstr " - ім'я користувача: %s\n" - -#: src/tools/sssctl/sssctl_user_checks.c:196 -#, c-format -msgid " - user id: %d\n" -msgstr " - ід. користувача: %d\n" - -#: src/tools/sssctl/sssctl_user_checks.c:197 -#, c-format -msgid " - group id: %d\n" -msgstr " - ід. групи: %d\n" - -#: src/tools/sssctl/sssctl_user_checks.c:198 -#, c-format -msgid " - gecos: %s\n" -msgstr " - gecos: %s\n" - -#: src/tools/sssctl/sssctl_user_checks.c:199 -#, c-format -msgid " - home directory: %s\n" -msgstr " - домашній каталог: %s\n" - -#: src/tools/sssctl/sssctl_user_checks.c:200 -#, c-format -msgid "" -" - shell: %s\n" -"\n" -msgstr "" -" - оболонка: %s\n" -"\n" - -#: src/tools/sssctl/sssctl_user_checks.c:232 -msgid "PAM action [auth|acct|setc|chau|open|clos], default: " -msgstr "Дія PAM [auth|acct|setc|chau|open|clos], типове значення: " - -#: src/tools/sssctl/sssctl_user_checks.c:235 -msgid "PAM service, default: " -msgstr "Служба PAM, типове значення: " - -#: src/tools/sssctl/sssctl_user_checks.c:240 -msgid "Specify user name." -msgstr "Вказати ім'я користувача." - -#: src/tools/sssctl/sssctl_user_checks.c:247 -#, c-format -msgid "" -"user: %s\n" -"action: %s\n" -"service: %s\n" -"\n" -msgstr "" -"користувач: %s\n" -"дія: %s\n" -"служба: %s\n" -"\n" - -#: src/tools/sssctl/sssctl_user_checks.c:252 -#, c-format -msgid "User name lookup with [%s] failed.\n" -msgstr "Не вдалося знайти користувача за допомогою [%s].\n" - -#: src/tools/sssctl/sssctl_user_checks.c:257 -#, c-format -msgid "InfoPipe User lookup with [%s] failed.\n" -msgstr "Не вдалося знайти користувача InfoPipe за допомогою [%s].\n" - -#: src/tools/sssctl/sssctl_user_checks.c:263 -#, c-format -msgid "pam_start failed: %s\n" -msgstr "Помилка pam_start: %s\n" +#~ msgid "Sudo rule order attribute" +#~ msgstr "Атрибут порядку правила sudo" -#: src/tools/sssctl/sssctl_user_checks.c:268 -msgid "" -"testing pam_authenticate\n" -"\n" -msgstr "" -"перевіряємо pam_authenticate\n" -"\n" +#~ msgid "Object class for automounter maps" +#~ msgstr "Клас об’єктів для карт автоматичного монтування" -#: src/tools/sssctl/sssctl_user_checks.c:272 -#, c-format -msgid "pam_get_item failed: %s\n" -msgstr "Помилка pam_get_item: %s\n" +#~ msgid "Automounter map name attribute" +#~ msgstr "Атрибут назви карти автоматичного монтування" -#: src/tools/sssctl/sssctl_user_checks.c:275 -#, c-format -msgid "" -"pam_authenticate for user [%s]: %s\n" -"\n" -msgstr "" -"pam_authenticate для користувача [%s]: %s\n" -"\n" +#~ msgid "Object class for automounter map entries" +#~ msgstr "Клас об’єктів для записів карт автоматичного монтування" -#: src/tools/sssctl/sssctl_user_checks.c:278 -msgid "" -"testing pam_chauthtok\n" -"\n" -msgstr "" -"перевіряємо pam_chauthtok\n" -"\n" +#~ msgid "Automounter map entry key attribute" +#~ msgstr "Атрибут ключа запису карти автоматичного монтування" -#: src/tools/sssctl/sssctl_user_checks.c:280 -#, c-format -msgid "" -"pam_chauthtok: %s\n" -"\n" -msgstr "" -"pam_chauthtok: %s\n" -"\n" +#~ msgid "Automounter map entry value attribute" +#~ msgstr "Атрибут значення запису карти автоматичного монтування" -#: src/tools/sssctl/sssctl_user_checks.c:282 -msgid "" -"testing pam_acct_mgmt\n" -"\n" -msgstr "" -"перевіряємо pam_acct_mgmt\n" -"\n" +#~ msgid "Base DN for automounter map lookups" +#~ msgstr "" +#~ "Базовий сервер назв домену для пошуків карти автоматичного монтування" -#: src/tools/sssctl/sssctl_user_checks.c:284 -#, c-format -msgid "" -"pam_acct_mgmt: %s\n" -"\n" -msgstr "" -"pam_acct_mgmt: %s\n" -"\n" +#~ msgid "Comma separated list of allowed users" +#~ msgstr "Відокремлений комами список дозволених користувачів" -#: src/tools/sssctl/sssctl_user_checks.c:286 -msgid "" -"testing pam_setcred\n" -"\n" -msgstr "" -"перевіряємо pam_setcred\n" -"\n" +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "Відокремлений комами список заборонених користувачів" -#: src/tools/sssctl/sssctl_user_checks.c:288 -#, c-format -msgid "" -"pam_setcred: [%s]\n" -"\n" -msgstr "" -"pam_setcred: [%s]\n" -"\n" +#~ msgid "Default shell, /bin/bash" +#~ msgstr "Типова оболонка, /bin/bash" -#: src/tools/sssctl/sssctl_user_checks.c:290 -msgid "" -"testing pam_open_session\n" -"\n" -msgstr "" -"перевіряємо pam_open_session\n" -"\n" +#~ msgid "Base for home directories" +#~ msgstr "Базова адреса домашніх каталогів" -#: src/tools/sssctl/sssctl_user_checks.c:292 -#, c-format -msgid "" -"pam_open_session: %s\n" -"\n" -msgstr "" -"pam_open_session: %s\n" -"\n" +#~ msgid "The number of preforked proxy children." +#~ msgstr "Кількість попередньо відгалужених дочірніх проксі-записів." -#: src/tools/sssctl/sssctl_user_checks.c:294 -msgid "" -"testing pam_close_session\n" -"\n" -msgstr "" -"перевіряємо pam_close_session\n" -"\n" +#~ msgid "The name of the NSS library to use" +#~ msgstr "Назва бібліотеки NSS, яку слід використовувати" -#: src/tools/sssctl/sssctl_user_checks.c:296 -#, c-format -msgid "" -"pam_close_session: %s\n" -"\n" -msgstr "" -"pam_close_session: %s\n" -"\n" +#~ msgid "Whether to look up canonical group name from cache if possible" +#~ msgstr "" +#~ "Визначає, чи слід виконувати пошук канонічної назви групи у кеші, якщо це " +#~ "можливо" -#: src/tools/sssctl/sssctl_user_checks.c:298 -msgid "unknown action\n" -msgstr "невідома дія\n" +#~ msgid "PAM stack to use" +#~ msgstr "Стек PAM, який слід використовувати" -#: src/tools/sssctl/sssctl_user_checks.c:301 -msgid "PAM Environment:\n" -msgstr "Середовище PAM:\n" +#~ msgid "Path of passwd file sources." +#~ msgstr "Шлях до початкового тексту файла passwd." -#: src/tools/sssctl/sssctl_user_checks.c:309 -msgid " - no env -\n" -msgstr " - немає середовища -\n" - -#: src/util/util.h:82 -msgid "The user ID to run the server as" -msgstr "Ідентифікатор користувача, від імені якого слід запустити сервер" - -#: src/util/util.h:84 -msgid "The group ID to run the server as" -msgstr "Ідентифікатор групи, від імені якої слід запустити сервер" - -#: src/util/util.h:92 -msgid "Informs that the responder has been socket-activated" -msgstr "Інформує про те, що на відповідачі задіяно сокет" - -#: src/util/util.h:94 -msgid "Informs that the responder has been dbus-activated" -msgstr "Інформує про те, що на відповідачі задіяно D-Bus" +#~ msgid "Path of group file sources." +#~ msgstr "Шлях до початкового тексту файла group." diff --git a/po/zh_CN.po b/po/zh_CN.po index b040b43506..44579e70fb 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:50+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" @@ -20,1535 +20,55 @@ msgstr "" "Plural-Forms: nplurals=1; plural=0;\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "设定调试日志记录等级" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "在调试日志中包含时间戳" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "写入调试信息到日志文件" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "启动服务命令" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "IPA 服务器地址" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "IPA 备份服务器地址" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Kerberos 服务器地址" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "验证超时" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1588,7 +108,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2401,7 +921,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2578,44 +1098,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2824,3 +1344,27 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Set the verbosity of the debug logging" +#~ msgstr "设定调试日志记录等级" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "在调试日志中包含时间戳" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "写入调试信息到日志文件" + +#~ msgid "Command to start service" +#~ msgstr "启动服务命令" + +#~ msgid "IPA server address" +#~ msgstr "IPA 服务器地址" + +#~ msgid "Address of backup IPA server" +#~ msgstr "IPA 备份服务器地址" + +#~ msgid "Kerberos server address" +#~ msgstr "Kerberos 服务器地址" + +#~ msgid "Authentication timeout" +#~ msgstr "验证超时" diff --git a/po/zh_TW.po b/po/zh_TW.po index 12a6f8a970..99f38453d7 100644 --- a/po/zh_TW.po +++ b/po/zh_TW.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2019-11-30 22:24+0100\n" +"POT-Creation-Date: 2020-05-19 12:05+0200\n" "PO-Revision-Date: 2014-12-14 11:50+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/projects/p/sssd/" @@ -19,1535 +19,55 @@ msgstr "" "Plural-Forms: nplurals=1; plural=0;\n" "X-Generator: Zanata 4.6.2\n" -#: src/config/SSSDConfig/__init__.py.in:43 -#: src/config/SSSDConfig/__init__.py.in:44 -msgid "Set the verbosity of the debug logging" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:45 -msgid "Include timestamps in debug logs" -msgstr "在除錯日誌內加入時間戳記" - -#: src/config/SSSDConfig/__init__.py.in:46 -msgid "Include microseconds in timestamps in debug logs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:47 -msgid "Write debug messages to logfiles" -msgstr "將除錯訊息寫入日誌檔" - -#: src/config/SSSDConfig/__init__.py.in:48 -msgid "Watchdog timeout before restarting service" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:49 -msgid "Command to start service" -msgstr "啟動服務的指令" - -#: src/config/SSSDConfig/__init__.py.in:50 -msgid "Number of times to attempt connection to Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:51 -msgid "The number of file descriptors that may be opened by this responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:52 -msgid "Idle time before automatic disconnection of a client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:53 -msgid "Idle time before automatic shutdown of the responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:54 -msgid "Always query all the caches before querying the Data Providers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:57 -msgid "SSSD Services to start" -msgstr "要啟動的 SSSD 服務" - -#: src/config/SSSDConfig/__init__.py.in:58 -msgid "SSSD Domains to start" -msgstr "要啟動的 SSSD 網域" - -#: src/config/SSSDConfig/__init__.py.in:59 -msgid "Timeout for messages sent over the SBUS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:203 -msgid "Regex to parse username and domain" -msgstr "用來解析使用者名稱與網域的正規表示式" - -#: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:202 -msgid "Printf-compatible format for displaying fully-qualified names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:62 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:63 -msgid "Domain to add to names without a domain component." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:64 -msgid "The user to drop privileges to" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:65 -msgid "Tune certificate verification" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:66 -msgid "All spaces in group or user names will be replaced with this character" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:67 -msgid "Tune sssd to honor or ignore netlink state changes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:68 -msgid "Enable or disable the implicit files domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:69 -msgid "A specific order of the domains to be looked up" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:72 -msgid "Enumeration cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:73 -msgid "Entry cache background update timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:116 -msgid "Negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:75 -msgid "Files negative cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:76 -msgid "Users that SSSD should explicitly ignore" -msgstr "SSSD 應該明確忽略的使用者" - -#: src/config/SSSDConfig/__init__.py.in:77 -msgid "Groups that SSSD should explicitly ignore" -msgstr "SSSD 應該明確忽略的群組" - -#: src/config/SSSDConfig/__init__.py.in:78 -msgid "Should filtered users appear in groups" -msgstr "過濾的使用者是否應該顯現在群組內" - -#: src/config/SSSDConfig/__init__.py.in:79 -msgid "The value of the password field the NSS provider should return" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:80 -msgid "Override homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:81 -msgid "" -"Substitute empty homedir value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:82 -msgid "Override shell value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:83 -msgid "The list of shells users are allowed to log in with" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:84 -msgid "" -"The list of shells that will be vetoed, and replaced with the fallback shell" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:85 -msgid "" -"If a shell stored in central directory is allowed but not available, use " -"this fallback" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:86 -msgid "Shell to use if the provider does not list one" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:87 -msgid "How long will be in-memory cache records valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:88 -msgid "List of user attributes the NSS responder is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:91 -msgid "How long to allow cached logins between online logins (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:92 -msgid "How many failed logins attempts are allowed when offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:93 -msgid "" -"How long (minutes) to deny login after offline_failed_login_attempts has " -"been reached" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:94 -msgid "What kind of messages are displayed to the user during authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:95 -msgid "Filter PAM responses sent to the pam_sss" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:96 -msgid "How many seconds to keep identity information cached for PAM requests" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:97 -msgid "How many days before password expiration a warning should be displayed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:98 -msgid "List of trusted uids or user's name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:99 -msgid "List of domains accessible even for untrusted users." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:100 -msgid "Message printed when user account is expired." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:101 -msgid "Message printed when user account is locked." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:102 -msgid "Allow certificate based/Smartcard authentication." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:103 -msgid "Path to certificate database with PKCS#11 modules." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:104 -msgid "How many seconds will pam_sss wait for p11_child to finish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:105 -msgid "Which PAM services are permitted to contact application domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:106 -msgid "Allowed services for using smartcards" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:107 -msgid "Additional timeout to wait for a card if requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "" -"PKCS#11 URI to restrict the selection of devices for Smartcard authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:111 -msgid "Whether to evaluate the time-based attributes in sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:112 -msgid "If true, SSSD will switch back to lower-wins ordering logic" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:113 -msgid "" -"Maximum number of rules that can be refreshed at once. If this is exceeded, " -"full refresh is performed." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:119 -msgid "Whether to hash host names and addresses in the known_hosts file" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:120 -msgid "" -"How many seconds to keep a host in the known_hosts file after its host keys " -"were requested" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:121 -msgid "Path to storage of trusted CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:122 -msgid "Allow to generate ssh-keys from certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:123 -msgid "" -"Use the following matching rules to filter the certificates for ssh-key " -"generation" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:126 -msgid "List of UIDs or user names allowed to access the PAC responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:127 -msgid "How long the PAC data is considered valid" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:130 -msgid "List of UIDs or user names allowed to access the InfoPipe responder" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:131 -msgid "List of user attributes the InfoPipe is allowed to publish" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:134 -msgid "The provider where the secrets will be stored in" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:135 -msgid "The maximum allowed number of nested containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:136 -msgid "The maximum number of secrets that can be stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:137 -msgid "The maximum number of secrets that can be stored per UID" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:138 -msgid "The maximum payload size of a secret in kilobytes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:140 -msgid "The URL Custodia server is listening on" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:141 -msgid "The method to use when authenticating to a Custodia server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:142 -msgid "" -"The name of the headers that will be added into a HTTP request with the " -"value defined in auth_header_value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:143 -msgid "The value sssd-secrets would use for auth_header_name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:144 -msgid "" -"The list of the headers to forward to the Custodia server together with the " -"request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:145 -msgid "" -"The username to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:146 -msgid "" -"The password to use when authenticating to a Custodia server using basic_auth" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:147 -msgid "If true peer's certificate is verified if proxy_url uses https protocol" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:148 -msgid "" -"If false peer's certificate may contain different hostname than proxy_url " -"when https protocol is used" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:149 -msgid "Path to directory where certificate authority certificates are stored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:150 -msgid "Path to file containing server's CA certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:151 -msgid "Path to file containing client's certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:152 -msgid "Path to file containing client's private key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:155 -msgid "Identity provider" -msgstr "身分提供者" - -#: src/config/SSSDConfig/__init__.py.in:156 -msgid "Authentication provider" -msgstr "認證提供者" - -#: src/config/SSSDConfig/__init__.py.in:157 -msgid "Access control provider" -msgstr "存取控制提供者" - -#: src/config/SSSDConfig/__init__.py.in:158 -msgid "Password change provider" -msgstr "密碼變更提供者" - -#: src/config/SSSDConfig/__init__.py.in:159 -msgid "SUDO provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:160 -msgid "Autofs provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:161 -msgid "Host identity provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:162 -msgid "SELinux provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:163 -msgid "Session management provider" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Whether the domain is usable by the OS or by applications" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 -msgid "Minimum user ID" -msgstr "最小的使用者 ID" - -#: src/config/SSSDConfig/__init__.py.in:168 -msgid "Maximum user ID" -msgstr "最大的使用者 ID" - -#: src/config/SSSDConfig/__init__.py.in:169 -msgid "Enable enumerating all users/groups" -msgstr "啟用所有使用者或群組的列舉" - -#: src/config/SSSDConfig/__init__.py.in:170 -msgid "Cache credentials for offline login" -msgstr "供離線登入使用的快取憑證" - -#: src/config/SSSDConfig/__init__.py.in:171 -msgid "Display users/groups in fully-qualified form" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:172 -msgid "Don't include group members in group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:173 -#: src/config/SSSDConfig/__init__.py.in:182 -#: src/config/SSSDConfig/__init__.py.in:183 -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:186 -#: src/config/SSSDConfig/__init__.py.in:187 -msgid "Entry cache timeout length (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:174 -msgid "" -"Restrict or prefer a specific address family when performing DNS lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:175 -msgid "How long to keep cached entries after last successful login (days)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:176 -msgid "" -"How long should SSSD talk to single DNS server before trying next server " -"(miliseconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:177 -msgid "How long should keep trying to resolve single DNS query (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:178 -msgid "How long to wait for replies from DNS when resolving servers (seconds)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:179 -msgid "The domain part of service discovery DNS query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:180 -msgid "Override GID value from the identity provider with this value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:181 -msgid "Treat usernames as case sensitive" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:188 -msgid "How often should expired entries be refreshed in background" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:189 -msgid "Whether to automatically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:190 -#: src/config/SSSDConfig/__init__.py.in:212 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:191 -#: src/config/SSSDConfig/__init__.py.in:213 -msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:192 -msgid "How often to periodically update the client's DNS entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:193 -msgid "Whether the provider should explicitly update the PTR record as well" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:194 -msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:195 -msgid "What kind of authentication should be used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:196 -msgid "Override the DNS server used to perform the DNS update" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:197 -msgid "Control enumeration of trusted domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:198 -msgid "How often should subdomains list be refreshed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:199 -msgid "List of options that should be inherited into a subdomain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:200 -msgid "Default subdomain homedir value" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:201 -msgid "How long can cached credentials be used for cached authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:204 -msgid "Whether to automatically create private groups for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:207 -msgid "IPA domain" -msgstr "IPA 網域" - -#: src/config/SSSDConfig/__init__.py.in:208 -msgid "IPA server address" -msgstr "IPA 伺服器位址" - -#: src/config/SSSDConfig/__init__.py.in:209 -msgid "Address of backup IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:210 -msgid "IPA client hostname" -msgstr "IPA 客戶端主機名稱" - -#: src/config/SSSDConfig/__init__.py.in:211 -msgid "Whether to automatically update the client's DNS entry in FreeIPA" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:214 -msgid "Search base for HBAC related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:215 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:216 -msgid "" -"The amount of time in seconds between lookups of the SELinux maps against " -"the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:217 -msgid "If set to false, host argument given by PAM will be ignored" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:218 -msgid "The automounter location this IPA client is using" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:219 -msgid "Search base for object containing info about IPA domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:220 -msgid "Search base for objects containing info about ID ranges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:221 -#: src/config/SSSDConfig/__init__.py.in:239 -msgid "Enable DNS sites - location based service discovery" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:222 -msgid "Search base for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:223 -msgid "Objectclass for view containers" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:224 -msgid "Attribute with the name of the view" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:225 -msgid "Objectclass for override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:226 -msgid "Attribute with the reference to the original object" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:227 -msgid "Objectclass for user override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:228 -msgid "Objectclass for group override objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:229 -msgid "Search base for Desktop Profile related objects" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:230 -msgid "" -"The amount of time in seconds between lookups of the Desktop Profile rules " -"against the IPA server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:231 -msgid "" -"The amount of time in minutes between lookups of Desktop Profiles rules " -"against the IPA server when the last request did not find any rule" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:234 -msgid "Active Directory domain" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:235 -msgid "Enabled Active Directory domains" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:236 -msgid "Active Directory server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:237 -msgid "Active Directory backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:238 -msgid "Active Directory client hostname" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:240 -#: src/config/SSSDConfig/__init__.py.in:425 -msgid "LDAP filter to determine access privileges" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:241 -msgid "Whether to use the Global Catalog for lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:242 -msgid "Operation mode for GPO-based access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:243 -msgid "" -"The amount of time between lookups of the GPO policy files against the AD " -"server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:244 -msgid "" -"PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " -"settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:245 -msgid "" -"PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " -"policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:246 -msgid "" -"PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:247 -msgid "" -"PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:248 -msgid "" -"PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:249 -msgid "PAM service names for which GPO-based access is always granted" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:250 -msgid "PAM service names for which GPO-based access is always denied" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:251 -msgid "" -"Default logon right (or permit/deny) to use for unmapped PAM service names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:252 -msgid "a particular site to be used by the client" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:253 -msgid "" -"Maximum age in days before the machine account password should be renewed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:254 -msgid "Option for tuning the machine account renewal task" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:257 -#: src/config/SSSDConfig/__init__.py.in:258 -msgid "Kerberos server address" -msgstr "Kerberos 伺服器位址" - -#: src/config/SSSDConfig/__init__.py.in:259 -msgid "Kerberos backup server address" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:260 -msgid "Kerberos realm" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:261 -msgid "Authentication timeout" -msgstr "認證逾時" - -#: src/config/SSSDConfig/__init__.py.in:262 -msgid "Whether to create kdcinfo files" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:263 -msgid "Where to drop krb5 config snippets" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:266 -msgid "Directory to store credential caches" -msgstr "儲存憑證快取的目錄" - -#: src/config/SSSDConfig/__init__.py.in:267 -msgid "Location of the user's credential cache" -msgstr "使用者憑證快取的位置" - -#: src/config/SSSDConfig/__init__.py.in:268 -msgid "Location of the keytab to validate credentials" -msgstr "驗證憑證用的金鑰表格位置" - -#: src/config/SSSDConfig/__init__.py.in:269 -msgid "Enable credential validation" -msgstr "啟用憑證驗證" - -#: src/config/SSSDConfig/__init__.py.in:270 -msgid "Store password if offline for later online authentication" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:271 -msgid "Renewable lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:272 -msgid "Lifetime of the TGT" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:273 -msgid "Time between two checks for renewal" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:274 -msgid "Enables FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:275 -msgid "Selects the principal to use for FAST" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:276 -msgid "Enables principal canonicalization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:277 -msgid "Enables enterprise principals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:278 -msgid "A mapping from user names to Kerberos principal names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:281 -#: src/config/SSSDConfig/__init__.py.in:282 -msgid "Server where the change password service is running if not on the KDC" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:285 -msgid "ldap_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:286 -msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:287 -msgid "The default base DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:288 -msgid "The Schema Type in use on the LDAP server, rfc2307" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:289 -msgid "Mode used to change user password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:290 -msgid "The default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:291 -msgid "The type of the authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:292 -msgid "The authentication token of the default bind DN" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:293 -msgid "Length of time to attempt connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:294 -msgid "Length of time to attempt synchronous LDAP operations" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:295 -msgid "Length of time between attempts to reconnect while offline" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:296 -msgid "Use only the upper case for realm names" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:297 -msgid "File that contains CA certificates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:298 -msgid "Path to CA certificate directory" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:299 -msgid "File that contains the client certificate" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:300 -msgid "File that contains the client key" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:301 -msgid "List of possible ciphers suites" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:302 -msgid "Require TLS certificate verification" -msgstr "需要 TLS 憑證驗證" - -#: src/config/SSSDConfig/__init__.py.in:303 -msgid "Specify the sasl mechanism to use" -msgstr "指定要使用的 sasl 機制" - -#: src/config/SSSDConfig/__init__.py.in:304 -msgid "Specify the sasl authorization id to use" -msgstr "指定要使用的 sasl 認證 id" - -#: src/config/SSSDConfig/__init__.py.in:305 -msgid "Specify the sasl authorization realm to use" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:306 -msgid "Specify the minimal SSF for LDAP sasl authorization" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:307 -msgid "Kerberos service keytab" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:308 -msgid "Use Kerberos auth for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:309 -msgid "Follow LDAP referrals" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:310 -msgid "Lifetime of TGT for LDAP connection" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:311 -msgid "How to dereference aliases" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:312 -msgid "Service name for DNS service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:313 -msgid "The number of records to retrieve in a single LDAP query" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:314 -msgid "The number of members that must be missing to trigger a full deref" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:315 -msgid "" -"Whether the LDAP library should perform a reverse lookup to canonicalize the " -"host name during a SASL bind" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:317 -msgid "entryUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:318 -msgid "lastUSN attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:320 -msgid "How long to retain a connection to the LDAP server before disconnecting" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:322 -msgid "Disable the LDAP paging control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:323 -msgid "Disable Active Directory range retrieval" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:326 -msgid "Length of time to wait for a search request" -msgstr "搜尋請求的等候時間長度" - -#: src/config/SSSDConfig/__init__.py.in:327 -msgid "Length of time to wait for a enumeration request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:328 -msgid "Length of time between enumeration updates" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:329 -msgid "Length of time between cache cleanups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:330 -msgid "Require TLS for ID lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:331 -msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:332 -msgid "Base DN for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:333 -msgid "Scope of user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:334 -msgid "Filter for user lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:335 -msgid "Objectclass for users" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:336 -msgid "Username attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:338 -msgid "UID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:339 -msgid "Primary GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:340 -msgid "GECOS attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:341 -msgid "Home directory attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:342 -msgid "Shell attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:343 -msgid "UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:344 -#: src/config/SSSDConfig/__init__.py.in:386 -msgid "objectSID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:345 -msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:346 -msgid "User principal attribute (for Kerberos)" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:347 -msgid "Full Name" -msgstr "全名" - -#: src/config/SSSDConfig/__init__.py.in:348 -msgid "memberOf attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:349 -msgid "Modification time attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:351 -msgid "shadowLastChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:352 -msgid "shadowMin attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:353 -msgid "shadowMax attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:354 -msgid "shadowWarning attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:355 -msgid "shadowInactive attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:356 -msgid "shadowExpire attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:357 -msgid "shadowFlag attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:358 -msgid "Attribute listing authorized PAM services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:359 -msgid "Attribute listing authorized server hosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:360 -msgid "Attribute listing authorized server rhosts" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:361 -msgid "krbLastPwdChange attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:362 -msgid "krbPasswordExpiration attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:363 -msgid "Attribute indicating that server side password policies are active" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:364 -msgid "accountExpires attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:365 -msgid "userAccountControl attribute of AD" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:366 -msgid "nsAccountLock attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:367 -msgid "loginDisabled attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:368 -msgid "loginExpirationTime attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:369 -msgid "loginAllowedTimeMap attribute of NDS" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:370 -msgid "SSH public key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:371 -msgid "attribute listing allowed authentication types for a user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:372 -msgid "attribute containing the X509 certificate of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:373 -msgid "attribute containing the email address of the user" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:375 -msgid "A list of extra attributes to download along with the user entry" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:377 -msgid "Base DN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:380 -msgid "Objectclass for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:381 -msgid "Group name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:382 -msgid "Group password" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:383 -msgid "GID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:384 -msgid "Group member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:385 -msgid "Group UUID attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:387 -msgid "Modification time attribute for groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:388 -msgid "Type of the group and other flags" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:389 -msgid "The LDAP group external member attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:391 -msgid "Maximum nesting level SSSD will follow" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:393 -msgid "Base DN for netgroup lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:394 -msgid "Objectclass for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:395 -msgid "Netgroup name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:396 -msgid "Netgroups members attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:397 -msgid "Netgroup triple attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:398 -msgid "Modification time attribute for netgroups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:400 -msgid "Base DN for service lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:401 -msgid "Objectclass for services" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:402 -msgid "Service name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:403 -msgid "Service port attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:404 -msgid "Service protocol attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:407 -msgid "Lower bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:408 -msgid "Upper bound for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Number of IDs for each slice when ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:410 -msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:411 -msgid "Name of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:412 -msgid "SID of the default domain for ID-mapping" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:413 -msgid "Number of secondary slices" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:415 -msgid "Whether to use Token-Groups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:416 -msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:417 -msgid "Set upper boundary for allowed IDs from the LDAP server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:418 -msgid "DN for ppolicy queries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:419 -msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:422 -msgid "Policy to evaluate the password expiration" -msgstr "評估密碼過期時效的策略" - -#: src/config/SSSDConfig/__init__.py.in:426 -msgid "Which attributes shall be used to evaluate if an account is expired" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:427 -msgid "Which rules should be used to evaluate access control" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:430 -msgid "URI of an LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:431 -msgid "URI of a backup LDAP server where password changes are allowed" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:432 -msgid "DNS service name for LDAP password change server" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:433 -msgid "" -"Whether to update the ldap_user_shadow_last_change attribute after a " -"password change" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:436 -msgid "Base DN for sudo rules lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:437 -msgid "Automatic full refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:438 -msgid "Automatic smart refresh period" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:439 -msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:440 -msgid "" -"Hostnames and/or fully qualified domain names of this machine to filter sudo " -"rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:441 -msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:442 -msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:443 -msgid "" -"Whether to include rules that contains regular expression in host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:444 -msgid "Object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:445 -msgid "Name of attribute that is used as object class for sudo rules" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:446 -msgid "Sudo rule name" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:447 -msgid "Sudo rule command attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:448 -msgid "Sudo rule host attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:449 -msgid "Sudo rule user attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:450 -msgid "Sudo rule option attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:451 -msgid "Sudo rule runas attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:452 -msgid "Sudo rule runasuser attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:453 -msgid "Sudo rule runasgroup attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:454 -msgid "Sudo rule notbefore attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:455 -msgid "Sudo rule notafter attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:456 -msgid "Sudo rule order attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:459 -msgid "Object class for automounter maps" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:460 -msgid "Automounter map name attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:461 -msgid "Object class for automounter map entries" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:462 -msgid "Automounter map entry key attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:463 -msgid "Automounter map entry value attribute" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:464 -msgid "Base DN for automounter map lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:467 -msgid "Comma separated list of allowed users" -msgstr "許可的使用者清單,請使用半形逗號作為分隔" - -#: src/config/SSSDConfig/__init__.py.in:468 -msgid "Comma separated list of prohibited users" -msgstr "被禁止的使用者清單,請使用半形逗號作為分隔" - -#: src/config/SSSDConfig/__init__.py.in:471 -msgid "Default shell, /bin/bash" -msgstr "預設 shell,/bin/bash" - -#: src/config/SSSDConfig/__init__.py.in:472 -msgid "Base for home directories" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:475 -msgid "The number of preforked proxy children." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:478 -msgid "The name of the NSS library to use" -msgstr "要使用的 NSS 函式庫名稱" - -#: src/config/SSSDConfig/__init__.py.in:479 -msgid "Whether to look up canonical group name from cache if possible" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:482 -msgid "PAM stack to use" -msgstr "要使用的 PAM 堆疊" - -#: src/config/SSSDConfig/__init__.py.in:485 -msgid "Path of passwd file sources." -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:486 -msgid "Path of group file sources." -msgstr "" - -#: src/monitor/monitor.c:2355 +#: src/monitor/monitor.c:2371 msgid "Become a daemon (default)" msgstr "作為幕後程式 (預設)" -#: src/monitor/monitor.c:2357 +#: src/monitor/monitor.c:2373 msgid "Run interactive (not a daemon)" msgstr "以互動方式執行 (非幕後程式)" -#: src/monitor/monitor.c:2360 +#: src/monitor/monitor.c:2376 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2362 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2378 src/tools/sssctl/sssctl_logs.c:310 msgid "Specify a non-default config file" msgstr "指定非預設的配置檔" -#: src/monitor/monitor.c:2364 +#: src/monitor/monitor.c:2380 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2367 +#: src/monitor/monitor.c:2383 msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2370 +#: src/monitor/monitor.c:2386 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2514 +#: src/monitor/monitor.c:2532 msgid "SSSD is already running\n" msgstr "" -#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:624 +#: src/providers/krb5/krb5_child.c:3233 src/providers/ldap/ldap_child.c:638 msgid "Debug level" msgstr "除錯層級" -#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:626 +#: src/providers/krb5/krb5_child.c:3235 src/providers/ldap/ldap_child.c:640 msgid "Add debug timestamps" msgstr "加入除錯時間戳記" -#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:628 +#: src/providers/krb5/krb5_child.c:3237 src/providers/ldap/ldap_child.c:642 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:630 +#: src/providers/krb5/krb5_child.c:3239 src/providers/ldap/ldap_child.c:644 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:632 +#: src/providers/krb5/krb5_child.c:3242 src/providers/ldap/ldap_child.c:646 msgid "Send the debug output to stderr directly." msgstr "" @@ -1587,7 +107,7 @@ msgstr "" msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:711 +#: src/providers/data_provider_be.c:674 msgid "Domain of the information provider (mandatory)" msgstr "" @@ -2400,7 +920,7 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:85 #, c-format -msgid "Failed to load configuration configuration from %s.\n" +msgid "Failed to load configuration from %s.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:91 @@ -2577,44 +1097,44 @@ msgstr "" msgid "Unable to get server list\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:47 +#: src/tools/sssctl/sssctl_logs.c:46 msgid "\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:237 +#: src/tools/sssctl/sssctl_logs.c:236 msgid "Delete log files instead of truncating" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:248 +#: src/tools/sssctl/sssctl_logs.c:247 msgid "Deleting log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:251 +#: src/tools/sssctl/sssctl_logs.c:250 msgid "Unable to remove log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:257 +#: src/tools/sssctl/sssctl_logs.c:256 msgid "Truncating log files...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:260 +#: src/tools/sssctl/sssctl_logs.c:259 msgid "Unable to truncate log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:286 +#: src/tools/sssctl/sssctl_logs.c:285 msgid "Out of memory!" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:289 +#: src/tools/sssctl/sssctl_logs.c:288 #, c-format msgid "Archiving log files into %s...\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:292 +#: src/tools/sssctl/sssctl_logs.c:291 msgid "Unable to archive log files\n" msgstr "" -#: src/tools/sssctl/sssctl_logs.c:317 +#: src/tools/sssctl/sssctl_logs.c:316 msgid "Specify debug level you want to set" msgstr "" @@ -2823,3 +1343,114 @@ msgstr "" #: src/util/util.h:94 msgid "Informs that the responder has been dbus-activated" msgstr "" + +#~ msgid "Include timestamps in debug logs" +#~ msgstr "在除錯日誌內加入時間戳記" + +#~ msgid "Write debug messages to logfiles" +#~ msgstr "將除錯訊息寫入日誌檔" + +#~ msgid "Command to start service" +#~ msgstr "啟動服務的指令" + +#~ msgid "SSSD Services to start" +#~ msgstr "要啟動的 SSSD 服務" + +#~ msgid "SSSD Domains to start" +#~ msgstr "要啟動的 SSSD 網域" + +#~ msgid "Regex to parse username and domain" +#~ msgstr "用來解析使用者名稱與網域的正規表示式" + +#~ msgid "Users that SSSD should explicitly ignore" +#~ msgstr "SSSD 應該明確忽略的使用者" + +#~ msgid "Groups that SSSD should explicitly ignore" +#~ msgstr "SSSD 應該明確忽略的群組" + +#~ msgid "Should filtered users appear in groups" +#~ msgstr "過濾的使用者是否應該顯現在群組內" + +#~ msgid "Identity provider" +#~ msgstr "身分提供者" + +#~ msgid "Authentication provider" +#~ msgstr "認證提供者" + +#~ msgid "Access control provider" +#~ msgstr "存取控制提供者" + +#~ msgid "Password change provider" +#~ msgstr "密碼變更提供者" + +#~ msgid "Minimum user ID" +#~ msgstr "最小的使用者 ID" + +#~ msgid "Maximum user ID" +#~ msgstr "最大的使用者 ID" + +#~ msgid "Enable enumerating all users/groups" +#~ msgstr "啟用所有使用者或群組的列舉" + +#~ msgid "Cache credentials for offline login" +#~ msgstr "供離線登入使用的快取憑證" + +#~ msgid "IPA domain" +#~ msgstr "IPA 網域" + +#~ msgid "IPA server address" +#~ msgstr "IPA 伺服器位址" + +#~ msgid "IPA client hostname" +#~ msgstr "IPA 客戶端主機名稱" + +#~ msgid "Kerberos server address" +#~ msgstr "Kerberos 伺服器位址" + +#~ msgid "Authentication timeout" +#~ msgstr "認證逾時" + +#~ msgid "Directory to store credential caches" +#~ msgstr "儲存憑證快取的目錄" + +#~ msgid "Location of the user's credential cache" +#~ msgstr "使用者憑證快取的位置" + +#~ msgid "Location of the keytab to validate credentials" +#~ msgstr "驗證憑證用的金鑰表格位置" + +#~ msgid "Enable credential validation" +#~ msgstr "啟用憑證驗證" + +#~ msgid "Require TLS certificate verification" +#~ msgstr "需要 TLS 憑證驗證" + +#~ msgid "Specify the sasl mechanism to use" +#~ msgstr "指定要使用的 sasl 機制" + +#~ msgid "Specify the sasl authorization id to use" +#~ msgstr "指定要使用的 sasl 認證 id" + +#~ msgid "Length of time to wait for a search request" +#~ msgstr "搜尋請求的等候時間長度" + +#~ msgid "Full Name" +#~ msgstr "全名" + +#~ msgid "Policy to evaluate the password expiration" +#~ msgstr "評估密碼過期時效的策略" + +#~ msgid "Comma separated list of allowed users" +#~ msgstr "許可的使用者清單,請使用半形逗號作為分隔" + +#~ msgid "Comma separated list of prohibited users" +#~ msgstr "被禁止的使用者清單,請使用半形逗號作為分隔" + +#~ msgid "Default shell, /bin/bash" +#~ msgstr "預設 shell,/bin/bash" + +#~ msgid "The name of the NSS library to use" +#~ msgstr "要使用的 NSS 函式庫名稱" + +#~ msgid "PAM stack to use" +#~ msgstr "要使用的 PAM 堆疊" diff --git a/src/man/po/br.po b/src/man/po/br.po index e6f1d4dc71..2c4b450fe1 100644 --- a/src/man/po/br.po +++ b/src/man/po/br.po @@ -6,9 +6,9 @@ # Fulup , 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2014-12-14 11:51+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Breton (http://www.transifex.com/projects/p/sssd/language/" @@ -299,10 +299,10 @@ msgstr "" #. type: Content of: #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Dre ziouer : true" @@ -321,21 +321,22 @@ msgstr "" #. type: Content of: #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "" msgstr "" @@ -359,8 +360,8 @@ msgid "" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -375,7 +376,7 @@ msgid "The [sssd] section" msgstr "Ar rann [sssd]" #. type: Content of: -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "Arventennoù ar rann" @@ -455,7 +456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "re_expression (neudennad)" @@ -475,12 +476,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "full_name_format (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -488,39 +489,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -529,7 +530,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" @@ -658,8 +659,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -768,10 +769,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 5" msgid "Default: sha256" -msgstr "Dre zoiuer : 5" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -882,12 +881,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -971,8 +970,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1048,7 +1047,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1108,8 +1107,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1186,7 +1185,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "" @@ -1204,7 +1203,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "Dre ziouer : 15" @@ -1714,7 +1713,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1727,7 +1726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1741,7 +1740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "Dre ziouer : 0" @@ -1804,8 +1803,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1870,8 +1869,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1883,64 +1882,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1948,7 +1947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1960,63 +1959,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2024,12 +2023,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2040,15 +2039,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2056,7 +2055,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2064,13 +2063,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: root" +msgid "Default: no_session" +msgstr "Dre zoiuer : root" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2081,24 +2136,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2108,22 +2163,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2131,51 +2186,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2184,12 +2239,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2199,36 +2254,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2239,7 +2318,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2250,24 +2329,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2275,12 +2354,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2289,24 +2368,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2316,66 +2395,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2383,17 +2462,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2401,7 +2480,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2409,22 +2488,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "RANNOÙ DOMANI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2433,14 +2512,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2449,38 +2528,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2489,24 +2568,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2515,29 +2594,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2551,14 +2630,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2567,39 +2646,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2608,19 +2687,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2631,115 +2710,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +msgid "entry_cache_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +msgid "entry_cache_computer_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2748,42 +2851,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2791,24 +2906,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2817,17 +2932,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2836,34 +2951,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2871,7 +2986,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2879,8 +2994,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2889,8 +3004,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2898,19 +3013,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2919,7 +3034,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2927,22 +3042,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2954,7 +3071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2962,19 +3079,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2982,7 +3099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2990,35 +3107,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3026,19 +3143,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3047,7 +3164,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3055,29 +3172,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3085,7 +3202,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3093,35 +3210,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3129,32 +3246,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3165,7 +3282,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3174,12 +3291,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3187,7 +3304,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3195,31 +3312,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3227,7 +3344,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3236,17 +3353,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3254,43 +3371,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3298,7 +3415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3306,7 +3423,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3314,24 +3431,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3339,12 +3456,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "re_expression (string)" +msgid "resolver_provider (string)" +msgstr "re_expression (neudennad)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3354,7 +3514,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3363,29 +3523,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3393,7 +3553,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3403,59 +3563,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3464,77 +3624,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3542,7 +3702,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3551,17 +3711,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3569,34 +3729,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3604,32 +3764,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3639,34 +3799,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3675,19 +3835,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3695,24 +3855,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3721,24 +3881,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3748,14 +3908,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3763,21 +3923,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3785,7 +3945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3794,7 +3954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3803,7 +3963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3811,29 +3971,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3841,12 +4001,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3855,12 +4028,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3868,19 +4041,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3897,7 +4070,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3905,17 +4078,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3924,7 +4097,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3934,7 +4107,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3954,12 +4127,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3967,73 +4140,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4041,17 +4214,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4060,17 +4233,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4078,17 +4251,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4096,17 +4269,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4117,69 +4290,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4192,7 +4365,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4200,7 +4373,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4209,55 +4382,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4266,17 +4439,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4284,26 +4457,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4312,17 +4485,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4332,7 +4505,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4341,59 +4514,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4401,14 +4574,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4416,7 +4589,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4424,12 +4597,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4459,7 +4632,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4468,7 +4641,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4476,7 +4649,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4487,7 +4660,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4501,7 +4674,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4651,7 +4824,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -4823,25 +4996,30 @@ msgstr "" msgid "Default: password" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4850,24 +5028,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4875,7 +5053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4884,12 +5062,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4897,7 +5075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4907,7 +5085,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4917,34 +5095,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -4952,30 +5130,40 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 -msgid "ldap_search_timeout (integer)" +#: sssd-ldap.5.xml:428 +msgid "ldap_iphost_search_base (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +msgid "ldap_ipnetwork_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 +msgid "ldap_search_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:441 +msgid "" +"Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " "is entered)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4983,12 +5171,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4996,12 +5184,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5012,12 +5200,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5026,12 +5214,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5040,34 +5228,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +msgid "ldap_connection_expire_offset (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5075,14 +5282,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5090,17 +5297,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5110,12 +5317,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5123,17 +5330,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +msgid "ldap_sasl_maxssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5141,7 +5361,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5152,7 +5372,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5161,7 +5381,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5169,26 +5389,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5196,7 +5416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5204,7 +5424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5212,41 +5432,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5255,32 +5475,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5288,24 +5508,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5313,17 +5533,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5334,24 +5554,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5362,12 +5582,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5380,7 +5600,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5392,17 +5612,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5410,49 +5630,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5460,28 +5680,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5493,7 +5713,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5501,7 +5721,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5509,39 +5729,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5551,7 +5771,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5559,26 +5779,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5586,7 +5806,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5594,31 +5814,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5627,56 +5847,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5692,12 +5912,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5706,14 +5926,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5722,24 +5942,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5747,19 +5967,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5768,7 +5988,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5776,7 +5996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5785,7 +6005,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5793,22 +6013,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5818,14 +6038,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5838,12 +6058,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5853,7 +6073,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5863,63 +6083,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5928,74 +6148,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6006,7 +6226,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6014,24 +6234,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6048,12 +6268,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6061,36 +6281,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6098,14 +6318,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6115,101 +6335,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6218,59 +6438,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6279,22 +6499,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6303,14 +6523,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6318,7 +6538,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6331,27 +6551,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6367,13 +6587,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6531,124 +6751,374 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:172 -msgid "<option>allow_missing_name</option>" +#: pam_sss.8.xml:172 +msgid "<option>allow_missing_name</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:176 +msgid "" +"The main purpose of this option is to let SSSD determine the user name based " +"on additional information, e.g. the certificate from a Smartcard." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> +#: pam_sss.8.xml:186 +#, no-wrap +msgid "" +"auth sufficient pam_sss.so allow_missing_name\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:181 +msgid "" +"The current use case are login managers which can monitor a Smartcard reader " +"for card events. In case a Smartcard is inserted the login manager will call " +"a PAM stack which includes a line like <placeholder type=\"programlisting\" " +"id=\"0\"/> In this case SSSD will try to determine the user name based on " +"the content of the Smartcard, returns it to pam_sss which will finally put " +"it on the PAM stack." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:196 +msgid "<option>prompt_always</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:200 +msgid "" +"Always prompt the user for credentials. With this option credentials " +"requested by other PAM modules, typically a password, will be ignored and " +"pam_sss will prompt for credentials again. Based on the pre-auth reply by " +"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +msgid "The user account has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:176 -msgid "" -"The main purpose of this option is to let SSSD determine the user name based " -"on additional information, e.g. the certificate from a Smartcard." +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> -#: pam_sss.8.xml:186 -#, no-wrap -msgid "" -"auth sufficient pam_sss.so allow_missing_name\n" -" " +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:181 -msgid "" -"The current use case are login managers which can monitor a Smartcard reader " -"for card events. In case a Smartcard is inserted the login manager will call " -"a PAM stack which includes a line like <placeholder type=\"programlisting\" " -"id=\"0\"/> In this case SSSD will try to determine the user name based on " -"the content of the Smartcard, returns it to pam_sss which will finally put " -"it on the PAM stack." +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:196 -msgid "<option>prompt_always</option>" +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:200 +#: pam_sss.8.xml:414 msgid "" -"Always prompt the user for credentials. With this option credentials " -"requested by other PAM modules, typically a password, will be ignored and " -"pam_sss will prompt for credentials again. Based on the pre-auth reply by " -"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " -"credentials." +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 -msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6656,7 +7126,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6668,7 +7138,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7063,168 +7533,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7232,62 +7715,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7295,17 +7778,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7314,129 +7797,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7447,12 +7930,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7460,7 +7943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7472,7 +7955,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7481,7 +7964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7491,12 +7974,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7504,40 +7987,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7545,19 +8028,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7567,17 +8050,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7585,19 +8068,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7605,19 +8088,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7625,12 +8108,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7638,19 +8121,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7658,116 +8141,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7777,12 +8260,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7903,7 +8386,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7918,7 +8401,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7933,12 +8416,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -7959,12 +8442,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -7988,17 +8471,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8006,7 +8489,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8016,7 +8499,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8033,7 +8516,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8046,12 +8529,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8070,60 +8553,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8237,26 +8720,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8275,7 +8758,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8412,6 +8895,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8584,7 +9068,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8594,88 +9078,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8689,7 +9173,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8697,7 +9181,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8922,25 +9406,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8951,12 +9437,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -8965,7 +9451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -8974,7 +9460,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -8983,14 +9469,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9003,7 +9489,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9012,7 +9498,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9030,24 +9516,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9056,7 +9542,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9065,12 +9551,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9080,7 +9566,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9089,16 +9575,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9108,21 +9594,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9132,15 +9618,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9155,23 +9633,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9179,22 +9657,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9205,12 +9683,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9220,12 +9698,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9233,12 +9711,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9254,14 +9732,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9269,7 +9747,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9281,42 +9759,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9332,7 +9810,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9340,7 +9818,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9348,7 +9826,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9360,22 +9838,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9391,7 +9869,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9399,7 +9877,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9407,7 +9885,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9419,22 +9897,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9449,14 +9927,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9464,7 +9942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9476,23 +9954,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9508,14 +9986,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9523,7 +10001,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9534,19 +10012,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9554,7 +10032,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9566,29 +10044,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9596,12 +10074,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9614,57 +10092,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9672,17 +10150,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9692,12 +10170,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +msgid "ad_use_ldaps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9708,19 +10216,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9730,12 +10238,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9743,7 +10251,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9758,7 +10266,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9767,7 +10275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9775,7 +10283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9785,7 +10293,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10827,7 +11335,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -13904,10 +14412,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 3" msgid "Default: 64" -msgstr "Dre ziouer : 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 @@ -13923,10 +14429,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 3" msgid "Default: 65536" -msgstr "Dre ziouer : 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -15429,10 +15933,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:968 -#, fuzzy -#| msgid "SERVICES SECTIONS" msgid "SERVICE ATTRIBUTES" -msgstr "RANNOÙ SERVIJOÙ" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:972 @@ -15669,6 +16171,112 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +msgid "ldap_iphost_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: root" +msgid "Default: ipHost" +msgstr "Dre zoiuer : root" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "full_name_format (string)" +msgid "ldap_iphost_name (string)" +msgstr "full_name_format (neudennad)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +msgid "ldap_iphost_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipHostNumber" +msgstr "Dre ziouer : true" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +msgid "ldap_ipnetwork_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipNetwork" +msgstr "Dre ziouer : true" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "full_name_format (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "full_name_format (neudennad)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +msgid "ldap_ipnetwork_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipNetworkNumber" +msgstr "Dre ziouer : true" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15815,8 +16423,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16473,40 +17081,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16788,7 +17403,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> diff --git a/src/man/po/ca.po b/src/man/po/ca.po index adf6edf196..55985fd13b 100644 --- a/src/man/po/ca.po +++ b/src/man/po/ca.po @@ -12,9 +12,9 @@ # Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2015-10-18 04:13+0000\n" "Last-Translator: Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>\n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -333,10 +333,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Per defecte: true" @@ -358,21 +358,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Per defecte: false" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -396,8 +397,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Per defecte: 10" @@ -412,7 +413,7 @@ msgid "The [sssd] section" msgstr "La secció [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "Paràmetres de la secció" @@ -501,7 +502,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -523,12 +524,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -539,40 +540,40 @@ msgstr "" "compondre un FQN des dels components del nom d'usuari i del nom del domini." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "nom d'usuari" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" "el nom del domini tal com s'especifica al fitxer de configuració de l'SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -582,8 +583,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 +#, fuzzy +#| msgid "" +#| "Each domain can have an individual format string configured. see DOMAIN " +#| "SECTIONS for more info on this option." msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" "Cadascun dels dominis pot tenir una cadena del format configurada de forma " @@ -592,10 +597,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 -#, fuzzy -#| msgid "krb5_use_kdcinfo (boolean)" msgid "monitor_resolv_conf (boolean)" -msgstr "krb5_use_kdcinfo (booleà)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 @@ -611,21 +614,11 @@ msgstr "try_inotify (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:338 -#, fuzzy -#| msgid "" -#| "SSSD monitors the state of resolv.conf to identify when it needs to " -#| "update its internal DNS resolver. By default, we will attempt to use " -#| "inotify for this, and will fall back to polling resolv.conf every five " -#| "seconds if inotify cannot be used." msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " "be used." msgstr "" -"L'SSSD monitora l'estat del resolv.conf per identificar quan cal actualitzar " -"el seu traductor intern de DNS. Per defecte, s'intentarà utilitzar inotify " -"per a això i recaurà en sondejar el resolv.conf cada cinc segons si no es " -"pot utilitzar l'inotify." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:344 @@ -735,13 +728,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:420 -#, fuzzy -#| msgid "" -#| "Please note that if this option is set all users from the primary domain " -#| "have to use their fully qualified name, e.g. user@domain.name, to log in. " -#| "Setting this option changes default of use_fully_qualified_names to True. " -#| "It is not allowed to use this option together with " -#| "use_fully_qualified_names set to False." msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -752,15 +738,10 @@ msgid "" "nss_files and therefore their output is not qualified even when the " "default_domain_suffix option is used." msgstr "" -"Tingueu en compte que si s'estableix aquesta opció per a tots els usuaris " -"des del domini principal, s'han d'utilitzar el seu FQN, p. ex. usuari@nom." -"domini, per iniciar la sessió. En establir aquesta opció es canvia el " -"predeterminat d'use_fully_qualified_names a True. No està permès l'ús " -"d'aquesta opció juntament amb use_fully_qualified_names establert a False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -869,10 +850,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 5" msgid "Default: sha256" -msgstr "Per defecte: 5" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -983,12 +962,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -1072,8 +1051,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "Per defecte: Sense establir" @@ -1159,7 +1138,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "Per defecte: 60" @@ -1219,8 +1198,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "Per defecte: 300" @@ -1314,7 +1293,7 @@ msgstr "" "(0 desactiva aquesta característica)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "Per defecte: 50" @@ -1336,7 +1315,7 @@ msgstr "" "altra vegada." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "Per defecte: 15" @@ -1884,7 +1863,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1897,7 +1876,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1911,7 +1890,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "Per defecte: 0" @@ -1974,8 +1953,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "Per defecte: none" @@ -2040,8 +2019,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Per defecte: False" @@ -2053,64 +2032,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2118,7 +2097,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2130,63 +2109,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2194,12 +2173,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2210,15 +2189,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2226,7 +2205,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2234,13 +2213,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: none" +msgid "Default: no_session" +msgstr "Per defecte: none" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "Opcions de configuració de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2258,24 +2293,24 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2285,23 +2320,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" "Es poden utilitzar aquestes opcions per configurar el servei de l'autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2309,51 +2344,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "Es poden utilitzar aquestes opcions per configurar el servei de l'SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "Per defecte: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2362,14 +2397,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 -#, fuzzy -#| msgid "ldap_user_certificate (string)" +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" -msgstr "ldap_user_certificate (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2379,38 +2412,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -#, fuzzy -#| msgid "Default: not set (spaces will not be replaced)" -msgid "Default: not set, all found rules are used" -msgstr "Per defecte: sense establir (no se substituiran els espais)" +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 +msgid "" +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "Opcions de configuració del contestador del PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2421,7 +2476,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2432,25 +2487,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" "Es poden utilitzar aquestes opcions per configurar el contestador del PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2458,12 +2513,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2472,24 +2527,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2499,66 +2554,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2566,17 +2621,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2584,7 +2639,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2592,22 +2647,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "SECCIONS DE DOMINI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2616,14 +2671,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2632,31 +2687,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2665,7 +2720,7 @@ msgstr "" "fora d'aquests límits, s'ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2678,24 +2733,24 @@ msgstr "" "com s'esperava." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Per defecte: 1 per a min_id, 0 (sense límit) per a max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "enumerate (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2704,29 +2759,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Els usuaris i grups s'enumeren" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Cap enumeració per a aquest domini" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "Per defecte: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2740,7 +2795,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2750,7 +2805,7 @@ msgstr "" "finalitzi." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2764,39 +2819,39 @@ msgstr "" "ús." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2805,12 +2860,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2819,7 +2874,7 @@ msgstr "" "demanar al rerefons una altra vegada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2830,115 +2885,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "Per defecte: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "Per defecte: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "entry_cache_user_timeout (enter)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider entries valid before asking the " +#| "backend again" +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" +"Quants segons el nss_sss hauria de considerar les entrades vàlides abans de " +"demanar al rerefons una altra vegada" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "entry_cache_user_timeout (enter)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider entries valid before asking the " +#| "backend again" +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" +"Quants segons el nss_sss hauria de considerar les entrades vàlides abans de " +"demanar al rerefons una altra vegada" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2947,44 +3042,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Per defecte: 0 (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "cache_credentials (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si les credencials d'usuari també són emmagatzemades en la memòria " "cau local de LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2992,24 +3099,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "Per defecte: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3022,17 +3129,17 @@ msgstr "" "ha de ser superior o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3041,34 +3148,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Per defecte: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3076,7 +3183,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3084,8 +3191,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3094,8 +3201,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3103,19 +3210,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3128,7 +3235,7 @@ msgstr "" "l'usuari mentre que <command>getent passwd test@LOCAL</command> sí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3136,22 +3243,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3163,7 +3272,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3171,12 +3280,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3185,7 +3294,7 @@ msgstr "" "d'autenticació suportats són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3196,7 +3305,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3207,7 +3316,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3215,17 +3324,17 @@ msgstr "" "de PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> impossibilita l'autenticació explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3234,12 +3343,12 @@ msgstr "" "gestionar les sol·licituds d'autenticació." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3250,19 +3359,19 @@ msgstr "" "instal·lats) Els proveïdors especials interns són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> sempre denega l'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3275,7 +3384,7 @@ msgstr "" "configuració del mòdul d'accés simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3283,22 +3392,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "Per defecte: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3307,7 +3416,7 @@ msgstr "" "al domini. Els proveïdors de canvi de contrasenya compatibles són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3315,7 +3424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3326,7 +3435,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3334,12 +3443,12 @@ msgstr "" "objectiu PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3348,17 +3457,17 @@ msgstr "" "gestionar peticions de canvi de contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3366,32 +3475,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3402,7 +3511,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3411,12 +3520,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3424,7 +3533,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3432,31 +3541,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3464,7 +3573,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3473,17 +3582,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3491,43 +3600,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3535,7 +3644,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3543,7 +3652,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3551,24 +3660,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3576,12 +3685,79 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "sudo_provider (string)" +msgid "resolver_provider (string)" +msgstr "sudo_provider (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +#, fuzzy +#| msgid "" +#| "The provider which should handle change password operations for the " +#| "domain. Supported change password providers are:" +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" +"El proveïdor que hauria de gestionar les operacions de canvi contrasenya per " +"al domini. Els proveïdors de canvi de contrasenya compatibles són:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" +"<quote>ldap</quote> per autenticació nativa LDAP. Vegeu " +"<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +#, fuzzy +#| msgid "" +#| "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring Kerberos." +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" +"<quote>krb5</quote> per canviar la contrasenya Kerberos. Vegeu " +"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> per a més informació sobre configurar Kerberos." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +#, fuzzy +#| msgid "<quote>none</quote> disallows password changes explicitly." +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3591,7 +3767,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3600,29 +3776,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3633,7 +3809,7 @@ msgstr "" "quote> , el domini és tot el que hi ha després\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3643,17 +3819,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Per defecte: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3662,42 +3838,42 @@ msgstr "" "realitzar cerques de DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "Valors admesos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta resoldre l'adreça IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Intenta resoldre només noms màquina a adreces IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta resoldre l'adreça IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Intenta resoldre només noms màquina a adreces IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "Per defecte: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3706,25 +3882,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Per defecte: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3733,52 +3909,52 @@ msgstr "" "del domini de la consulta DNS del servei de descobriment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "Per defecte: Utilitza la part del domini del nom de màquina" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "override_gid (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "case_sensitive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3786,7 +3962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3795,17 +3971,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3813,34 +3989,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3850,32 +4026,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3885,34 +4061,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Per defecte: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "realmd_tags (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3921,19 +4097,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3941,24 +4117,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3967,24 +4143,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3994,14 +4170,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4009,21 +4185,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4031,7 +4207,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4040,7 +4216,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4049,7 +4225,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4060,17 +4236,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "El servidor intermediari on reenvia PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4079,12 +4255,12 @@ msgstr "" "de pam existent o crear-ne una de nova i afegir aquí el nom del servei." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4095,12 +4271,35 @@ msgstr "" "format _nss_$(libName)_$(function), per exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +#, fuzzy +#| msgid "proxy_lib_name (string)" +msgid "proxy_resolver_lib_name (string)" +msgstr "proxy_lib_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +#, fuzzy +#| msgid "" +#| "The name of the NSS library to use in proxy domains. The NSS functions " +#| "searched for in the library are in the form of _nss_$(libName)_" +#| "$(function), for example _nss_files_getpwent." +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" +"El nom de la biblioteca NSS per utilitzar als dominis del servidor " +"intermediari. Les funcions NSS que se cerquen a la biblioteca tenen el " +"format _nss_$(libName)_$(function), per exemple _nss_files_getpwent." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4109,12 +4308,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4122,7 +4321,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4131,12 +4330,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4153,7 +4352,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4161,17 +4360,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4180,7 +4379,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4190,7 +4389,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -4210,12 +4409,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "La secció del domini local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4226,29 +4425,29 @@ msgstr "" "<replaceable>id_provider = local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "El shell predeterminat per als usuaris que es creen amb eines de l'espai " "d'usuari de l'SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "Per defecte: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4257,46 +4456,46 @@ msgstr "" "replaceable> i utilitzen aquest com el directori inicial." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "Per defecte: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "create_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "Per defecte: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "remove_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "homedir_umask (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4307,17 +4506,17 @@ msgstr "" "defecte en un directori inicial acabat de crear." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "Per defecte: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4330,17 +4529,17 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "Per defecte: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4351,17 +4550,17 @@ msgstr "" "suprimit. Si no s'especifica, s'utilitzarà un valor per defecte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "Per defecte: <filename>/var/correu</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4372,17 +4571,17 @@ msgstr "" "té en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "Per defecte: Cap, no s'executa cap comanda" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4393,69 +4592,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4468,7 +4667,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4476,7 +4675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4485,55 +4684,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4542,17 +4741,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4560,26 +4759,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4588,17 +4787,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4608,7 +4807,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4617,59 +4816,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4677,14 +4876,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4692,7 +4891,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4700,12 +4899,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4759,7 +4958,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4768,7 +4967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4776,7 +4975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4787,7 +4986,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4801,7 +5000,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4967,7 +5166,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "Exemples:" @@ -5142,27 +5341,40 @@ msgstr "obfuscated_password" msgid "Default: password" msgstr "Per defecte: password" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +#, fuzzy +#| msgid "" +#| "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " +#| "<manvolnum>8</manvolnum> </citerefentry> to specify the default " +#| "permissions on a newly created home directory." +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" +"Utilitzat per <citerefentry><refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum></citerefentry> per especificar els permisos per " +"defecte en un directori inicial acabat de crear." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" -"El testimoni de l'autenticació de l'omissió s'uneixen DN. Només aclarir " -"text contrasenyes estan suportats actualment." +#: sssd-ldap.5.xml:296 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The authentication token of the default bind DN." +msgstr "El tipus de testimoni d'autenticació del vincle DN per defecte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5175,24 +5387,24 @@ msgstr "" "voleu utilitzar un àmbit en majúscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5203,7 +5415,7 @@ msgstr "" "los per estalviar espai." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5212,12 +5424,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5229,7 +5441,7 @@ msgstr "" "RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5239,7 +5451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5249,34 +5461,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "Per defecte: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5284,22 +5496,36 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Per defecte: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +#, fuzzy +#| msgid "ipa_host_search_base (string)" +msgid "ldap_iphost_search_base (string)" +msgstr "ipa_host_search_base (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +#, fuzzy +#| msgid "ldap_netgroup_search_base (string)" +msgid "ldap_ipnetwork_search_base (string)" +msgstr "ldap_netgroup_search_base (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5307,7 +5533,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5315,12 +5541,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5328,12 +5554,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5350,12 +5576,12 @@ msgstr "" "manvolnum></citerefentry> retorna en cas de cap activitat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5364,12 +5590,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5378,34 +5604,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "Per defecte: 900 (15 minuts)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "ldap_connection_expire_timeout (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "ldap_connection_expire_timeout (enter)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "Per defecte: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5413,14 +5660,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5428,17 +5675,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5448,12 +5695,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5461,17 +5708,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +#, fuzzy +#| msgid "ldap_sasl_minssf (integer)" +msgid "ldap_sasl_maxssf (integer)" +msgstr "ldap_sasl_minssf (enter)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5479,7 +5741,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5490,7 +5752,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5499,7 +5761,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5507,12 +5769,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -5522,7 +5784,7 @@ msgstr "" "valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5531,7 +5793,7 @@ msgstr "" "certificat del servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5543,7 +5805,7 @@ msgstr "" "normalment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5554,7 +5816,7 @@ msgstr "" "proporciona un certificat dolent, immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5565,22 +5827,22 @@ msgstr "" "immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "Per defecte: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -5589,7 +5851,7 @@ msgstr "" "Certificació que reconeixerà l'<command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -5598,12 +5860,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5617,32 +5879,32 @@ msgstr "" "correctes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5650,12 +5912,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -5664,12 +5926,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> per a protegir el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5677,17 +5939,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5698,24 +5960,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5726,12 +5988,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5744,7 +6006,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5756,17 +6018,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5774,51 +6036,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "Per defecte: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "Per defecte: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Per defecte: Fitxer keytab de sistema, normalment <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5826,28 +6088,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "Per defecte: 86400 (24 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5859,7 +6121,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5870,7 +6132,7 @@ msgstr "" "retorna a _tcp si no se'n troba cap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5882,41 +6144,41 @@ msgstr "" "<quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Per defecte: Paràmetres predeterminats del sistema, vegeu <filename>/etc/" "krb5.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5926,7 +6188,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5934,12 +6196,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -5948,7 +6210,7 @@ msgstr "" "costat del client. S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -5957,7 +6219,7 @@ msgstr "" "opció no inhabilita les polítiques de contrasenya de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5965,7 +6227,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5977,25 +6239,25 @@ msgstr "" "contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguiment automàtic del referenciador s'hauria d'habilitar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6004,7 +6266,7 @@ msgstr "" "quan es compila amb la versió 2.4.13 o superiors d'OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6013,29 +6275,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nom de servei per utilitzar quan està habilitada la detecció " "de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "Per defecte: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6045,30 +6307,30 @@ msgstr "" "dels serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Defecte: no definit, és a dir, el descobriment de serveis està inhabilitat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6084,12 +6346,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6098,14 +6360,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6114,17 +6376,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "Per defecte: Buit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6133,7 +6395,7 @@ msgstr "" "d'atributs de control d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6145,12 +6407,12 @@ msgstr "" "contrasenya és correcta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6159,7 +6421,7 @@ msgstr "" "determinar si el compte ha caducat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6168,7 +6430,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6176,7 +6438,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6185,7 +6447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6193,24 +6455,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Llista separada per comes d'opcions de control d'accés. Els valors permesos " "són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: utilitza ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6220,14 +6482,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6240,12 +6502,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6255,7 +6517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6265,20 +6527,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -6287,31 +6549,31 @@ msgstr "" "authorizedService per determinar l'accés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "Per defecte: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -6320,12 +6582,12 @@ msgstr "" "s'utilitza més d'una vegada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6334,22 +6596,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple: cn=ppolicy,ou=policies,dc=exemple,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Per defecte: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -6358,13 +6620,13 @@ msgstr "" "es fa una cerca. S'admeten les opcions següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: les referències dels àlies mai són eliminades." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -6374,7 +6636,7 @@ msgstr "" "de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -6383,7 +6645,7 @@ msgstr "" "només en localitzar l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -6392,7 +6654,7 @@ msgstr "" "en la recerca i en la localització de l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -6401,19 +6663,19 @@ msgstr "" "biblioteques de client LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6424,7 +6686,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6432,36 +6694,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 -#, fuzzy -#| msgid "" -#| "All of the common configuration options that apply to SSSD domains also " -#| "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " -#| "<placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "All of the common configuration options that apply to SSSD domains also " "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " @@ -6471,20 +6726,14 @@ msgid "" "<refentrytitle>sssd-ldap-attributes</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> manual page. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Totes les opcions comunes de configuració que s'apliquen als dominis SSD " -"també s'apliquen als dominis LDAP. Referiu-vos a la secció <quote>SECCIONS " -"DE DOMINI</quote> de la pàgina de manual de <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> per a tots els detalls. <placeholder type=\"variablelist\" id=" -"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "OPCIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6492,36 +6741,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "Per defecte: 21600 (6 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6529,14 +6778,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6546,101 +6795,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6649,59 +6898,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "OPCIONS D'AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "Per defecte: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "OPCIONS AVANÇADES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6710,22 +6959,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6734,14 +6983,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6752,7 +7001,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6765,27 +7014,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6801,13 +7050,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7113,11 +7362,267 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The user's authentication token has expired." +msgstr "El tipus de testimoni d'autenticació del vincle DN per defecte." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +#, fuzzy +#| msgid "Unlock the user account." +msgid "The user account has expired." +msgstr "Desbloqueja el compte de l'usuari." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:414 +msgid "" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:424 +#, fuzzy +#| msgid "Configuration attributes" +msgid "Conversation failure." +msgstr "Atributs de configuració" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:464 msgid "FILES" msgstr "FITXERS" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7129,7 +7634,7 @@ msgstr "" "instruccions sobre com es restableix una contrasenya." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7149,7 +7654,7 @@ msgstr "" "únicament han de tenir els permisos de lectura." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7594,172 +8099,185 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:93 -msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" +#: sss-certmap.5.xml:93 +msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7767,62 +8285,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7830,17 +8348,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7849,129 +8367,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7982,12 +8500,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7995,7 +8513,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -8007,7 +8525,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -8016,7 +8534,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -8026,12 +8544,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -8039,40 +8557,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -8080,19 +8598,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -8102,17 +8620,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -8120,19 +8638,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -8140,19 +8658,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -8160,12 +8678,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -8173,19 +8691,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -8193,116 +8711,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -8312,12 +8830,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -8451,7 +8969,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booleà)" @@ -8466,7 +8984,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8481,12 +8999,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8507,12 +9025,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8536,17 +9054,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8554,7 +9072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8564,7 +9082,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8581,7 +9099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (enter)" @@ -8594,12 +9112,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8618,60 +9136,60 @@ msgid "Default: False (disabled)" msgstr "Per defecte: False (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8785,26 +9303,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8823,7 +9341,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "Per defecte: 5 (segons)" @@ -8960,6 +9478,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "Per defecte: cn" @@ -9132,7 +9651,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -9142,88 +9661,96 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 +#, fuzzy +#| msgid "" +#| "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " +#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring Kerberos." msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" +"<quote>krb5</quote> per a l'autenticació Kerberos. Vegeu " +"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -9237,7 +9764,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9249,7 +9776,7 @@ msgstr "" "específiques del proveïdor IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -9480,25 +10007,27 @@ msgstr "ad_hostname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9509,12 +10038,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "ad_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9523,7 +10052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9532,7 +10061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9541,14 +10070,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9561,7 +10090,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9570,7 +10099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9588,24 +10117,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "ad_site (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9614,7 +10143,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9623,12 +10152,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9638,7 +10167,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9647,16 +10176,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9666,21 +10195,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9690,15 +10219,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9713,23 +10234,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9737,22 +10258,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "Per defecte: permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "Per defecte: enforcing" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9763,12 +10284,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9778,12 +10299,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9791,12 +10312,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9812,14 +10333,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9829,7 +10350,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9841,42 +10362,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "gdm-fingerprint" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9892,7 +10413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9900,7 +10421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9910,7 +10431,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9922,22 +10443,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "sshd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9953,7 +10474,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9961,7 +10482,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9971,7 +10492,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9983,22 +10504,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "ftp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "samba" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10013,14 +10534,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10030,7 +10551,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10042,23 +10563,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "crond" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10074,14 +10595,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10091,7 +10612,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10102,19 +10623,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10124,7 +10645,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10136,29 +10657,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "systemd-user" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10168,12 +10689,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10186,57 +10707,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10244,17 +10765,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10264,12 +10785,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +#, fuzzy +#| msgid "ldap_id_use_start_tls (boolean)" +msgid "ad_use_ldaps (bool)" +msgstr "ldap_id_use_start_tls (booleà)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10280,19 +10833,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "Per defecte: 3600 (segons)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10302,12 +10855,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Per defecte: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10315,7 +10868,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10339,7 +10892,7 @@ msgstr "" "ad_domain = exemple.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10351,7 +10904,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10359,7 +10912,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10369,7 +10922,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10897,16 +11450,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:259 -#, fuzzy -#| msgid "" -#| "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " -#| "applications will not use the fast in memory cache." msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in-memory cache." msgstr "" -"Si la variable d'entorn SSS_NSS_USE_MEMCACHE està establerta a \"NO\", les " -"aplicacions clients no utilitzaran el fast en la memòria cau." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 @@ -11534,7 +12081,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -11998,20 +12545,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:524 -#, fuzzy -#| msgid "" -#| "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> for more information on configuring Kerberos." msgid "" "For example <emphasis>10:0</emphasis> means that up to 10 primary servers " "will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> but no backup " "servers." msgstr "" -"<quote>krb5</quote> per canviar la contrasenya Kerberos. Vegeu " -"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:533 @@ -14753,26 +15292,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:175 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of the IPA provider for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. For a detailed syntax reference, refer to " -#| "the <quote>FILE FORMAT</quote> section of the <citerefentry> " -#| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> manual page." msgid "" "The KCM service is configured in the <quote>kcm</quote> For a detailed " "syntax reference, refer to the <quote>FILE FORMAT</quote> section of the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" -"En aquesta pàgina del manual es descriu la configuració del proveïdor IPA " -"per a <citerefentry><refentrytitle>sssd</refentrytitle> <manvolnum>8</" -"manvolnum></citerefentry>. Per una referència detallada sintaxi, aneu a la " -"secció de <quote>FORMAT DE FITXER</quote> de la pàgina del manual " -"<citerefentry>d'<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:183 @@ -14801,10 +15326,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_ccaches (integer)" -msgstr "enum_cache_timeout (enter)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -14818,10 +15341,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "min_id,max_id (integer)" msgid "max_uid_ccaches (integer)" -msgstr "min_id, max_id (enter)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -14832,17 +15353,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 64" -msgstr "Per defecte: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "ldap_page_size (integer)" msgid "max_ccache_size (integer)" -msgstr "ldap_page_size (enter)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -14853,10 +15370,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 65536" -msgstr "Per defecte: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -15057,17 +15572,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:184 -#, fuzzy, no-wrap -#| msgid "" -#| "user_attributes = +telephoneNumber, -loginShell\n" -#| " " +#, no-wrap msgid "" "attr:string\n" "value:string\n" " " msgstr "" -"user_attributes = +telephoneNumber, -loginShell\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:190 @@ -15336,10 +15846,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:439 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_perf.stp" -msgstr "ldap_deref (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:442 @@ -15358,28 +15866,16 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap-attributes.5.xml:10 sssd-ldap-attributes.5.xml:16 -#, fuzzy -#| msgid "sssd-ldap" msgid "sssd-ldap-attributes" -msgstr "sssd-ldap" +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap-attributes.5.xml:17 -#, fuzzy -#| msgid "SSSD LDAP provider" msgid "SSSD LDAP Provider: Mapping Attributes" -msgstr "Proveïdor de LDAP de l'SSSD" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap-attributes.5.xml:23 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of LDAP domains for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. Refer to the <quote>FILE FORMAT</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " -#| "information." msgid "" "This manual page describes the mapping attributes of SSSD LDAP provider " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -15387,12 +15883,6 @@ msgid "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page " "for full details about SSSD LDAP provider configuration options." msgstr "" -"En aquesta pàgina del manual es descriu la configuració de dominis LDAP per " -"a <citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>. Consulteu la secció <quote>FORMAT DE FITXER</" -"quote> de la pàgina del manual <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> per obtenir " -"informació detallada de la sintaxi." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:38 @@ -16210,10 +16700,8 @@ msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:742 -#, fuzzy -#| msgid "ldap_group_name (string)" msgid "ldap_group_type (string)" -msgstr "ldap_group_name (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:745 @@ -16428,10 +16916,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:968 -#, fuzzy -#| msgid "SERVICES SECTIONS" msgid "SERVICE ATTRIBUTES" -msgstr "SECCIONS DELS SERVEIS" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:972 @@ -16665,10 +17151,136 @@ msgstr "Per defecte: sudoOrder" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:1177 -#, fuzzy -#| msgid "AUTOFS OPTIONS" msgid "AUTOFS ATTRIBUTES" -msgstr "OPCIONS D'AUTOFS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +#, fuzzy +#| msgid "ldap_user_object_class (string)" +msgid "ldap_iphost_object_class (string)" +msgstr "ldap_user_object_class (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +#, fuzzy +#| msgid "The object class of a user entry in LDAP." +msgid "The object class of an iphost entry in LDAP." +msgstr "La classe d'objecte d'una entrada d'usuari a LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: sudoHost" +msgid "Default: ipHost" +msgstr "Per defecte: sudoHost" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "ad_hostname (string)" +msgid "ldap_iphost_name (string)" +msgstr "ad_hostname (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of the user's home directory." +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "L'atribut LDAP que conté el nom del directori inicial de l'usuari." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_iphost_number (string)" +msgstr "ldap_user_uid_number (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +#, fuzzy +#| msgid "The LDAP attribute that contains the names of the group's members." +msgid "The LDAP attribute that contains the IP host address." +msgstr "L'atribut LDAP que conté els noms dels membres del grup." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipHostNumber" +msgstr "Per defecte: uidNumber" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +#, fuzzy +#| msgid "ldap_netgroup_object_class (string)" +msgid "ldap_ipnetwork_object_class (string)" +msgstr "ldap_netgroup_object_class (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +#, fuzzy +#| msgid "The object class of a netgroup entry in LDAP." +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "La classe d'objecte d'una entrada de netgroup a LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: password" +msgid "Default: ipNetwork" +msgstr "Per defecte: password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "ldap_netgroup_name (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "ldap_netgroup_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the names of the netgroup's members." +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "L'atribut LDAP que conté els noms dels membres del netgroup." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_ipnetwork_number (string)" +msgstr "ldap_user_uid_number (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +#, fuzzy +#| msgid "The LDAP attribute that contains the names of the group's members." +msgid "The LDAP attribute that contains the IP network address." +msgstr "L'atribut LDAP que conté els noms dels membres del grup." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipNetworkNumber" +msgstr "Per defecte: uidNumber" #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 @@ -16816,8 +17428,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16917,10 +17529,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 -#, fuzzy -#| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout" -msgstr "dns_resolver_timeout (enter)" +msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 @@ -17511,6 +18121,19 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 +#, fuzzy +#| msgid "" +#| "<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Extremely low-level " +#| "tracing information." +msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" +"<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Informació de traçat " +"extremadament de baix nivell." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" @@ -17520,7 +18143,7 @@ msgstr "" "següents exemples:" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." @@ -17530,7 +18153,7 @@ msgstr "" "utilitzeu0x0270." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." @@ -17540,7 +18163,7 @@ msgstr "" "les funcions internes de control, utilitzeu 0x1310." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." @@ -17549,14 +18172,14 @@ msgstr "" "depuració es va introduir en la versió 1.7.0." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "<emphasis>Per defecte</emphasis>: 0" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -17848,8 +18471,10 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" -msgstr "" +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech = GSS-SPNEGO" +msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:48 @@ -18006,8 +18631,9 @@ msgstr "" msgid "ldap_group_external_member = ipaExternalMember" msgstr "" -#~ msgid "Default: homeDirectory" -#~ msgstr "Per defecte: homeDirectory" - -#~ msgid "ldap_group_type (integer)" -#~ msgstr "ldap_group_type (enter)" +#~ msgid "" +#~ "The authentication token of the default bind DN. Only clear text " +#~ "passwords are currently supported." +#~ msgstr "" +#~ "El testimoni de l'autenticació de l'omissió s'uneixen DN. Només aclarir " +#~ "text contrasenyes estan suportats actualment." diff --git a/src/man/po/cs.po b/src/man/po/cs.po index 4642fe99e5..0849c55d8f 100644 --- a/src/man/po/cs.po +++ b/src/man/po/cs.po @@ -8,9 +8,9 @@ # Pavel Borecki <pavel.borecki@gmail.com>, 2019. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2019-06-21 02:15+0000\n" "Last-Translator: Pavel Borecki <pavel.borecki@gmail.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/sssd/language/" @@ -297,10 +297,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -319,21 +319,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -357,8 +358,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -373,7 +374,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "" @@ -453,7 +454,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "" @@ -473,12 +474,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -486,39 +487,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -527,7 +528,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" @@ -656,8 +657,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -766,10 +767,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 200000" msgid "Default: sha256" -msgstr "Výchozí: 200000" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -880,12 +879,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -969,8 +968,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1046,7 +1045,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1106,8 +1105,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1184,7 +1183,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "" @@ -1202,7 +1201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "" @@ -1712,7 +1711,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1725,7 +1724,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1739,7 +1738,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1802,8 +1801,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1868,8 +1867,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1881,64 +1880,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1946,7 +1945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1958,63 +1957,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2022,12 +2021,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2038,15 +2037,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2054,7 +2053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2062,13 +2061,67 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +msgid "Default: no_session" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2079,24 +2132,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2106,22 +2159,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2129,51 +2182,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2182,12 +2235,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2197,36 +2250,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2237,7 +2314,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2248,24 +2325,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2273,12 +2350,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2287,24 +2364,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2314,66 +2391,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2381,17 +2458,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2399,7 +2476,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2407,22 +2484,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2431,14 +2508,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2447,38 +2524,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2487,24 +2564,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2513,29 +2590,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2549,14 +2626,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2565,39 +2642,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2606,19 +2683,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2629,115 +2706,141 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "dns_resolver_timeout" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "dns_resolver_timeout" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +msgid "entry_cache_computer_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2746,42 +2849,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2789,24 +2904,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2815,17 +2930,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2834,34 +2949,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2869,7 +2984,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2877,8 +2992,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2887,8 +3002,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2896,19 +3011,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2917,7 +3032,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2925,22 +3040,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2952,7 +3069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2960,19 +3077,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2980,7 +3097,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2988,35 +3105,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3024,19 +3141,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3045,7 +3162,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3053,29 +3170,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3083,7 +3200,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3091,35 +3208,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3127,32 +3244,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3163,7 +3280,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3172,12 +3289,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3185,7 +3302,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3193,31 +3310,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3225,7 +3342,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3234,17 +3351,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3252,43 +3369,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3296,7 +3413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3304,7 +3421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3312,24 +3429,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3337,12 +3454,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "override_homedir (string)" +msgid "resolver_provider (string)" +msgstr "override_homedir (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3352,7 +3512,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3362,29 +3522,29 @@ msgstr "" # auto translated by TM merge from project: Fedora Websites, version: fedorahosted.org, DocId: po/fedorahosted #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3392,7 +3552,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3402,59 +3562,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3463,77 +3623,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3541,7 +3701,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3550,17 +3710,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3568,34 +3728,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3603,32 +3763,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3638,34 +3798,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3674,19 +3834,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3694,24 +3854,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3720,24 +3880,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3747,14 +3907,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3762,21 +3922,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3784,7 +3944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3793,7 +3953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3802,7 +3962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3810,29 +3970,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3840,12 +4000,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3854,12 +4027,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3867,19 +4040,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3896,7 +4069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3904,17 +4077,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3923,7 +4096,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3933,7 +4106,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3953,12 +4126,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3966,73 +4139,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4040,17 +4213,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4059,17 +4232,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4077,17 +4250,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4095,17 +4268,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4116,69 +4289,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4191,7 +4364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4199,7 +4372,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4208,55 +4381,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4265,17 +4438,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4283,26 +4456,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4311,17 +4484,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4331,7 +4504,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4340,59 +4513,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4400,14 +4573,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4415,7 +4588,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4423,12 +4596,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4458,7 +4631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4467,7 +4640,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4475,7 +4648,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4486,7 +4659,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4500,7 +4673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4650,7 +4823,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -4823,25 +4996,30 @@ msgstr "" msgid "Default: password" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4850,24 +5028,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4875,7 +5053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4884,12 +5062,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4897,7 +5075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4907,7 +5085,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4917,34 +5095,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -4952,22 +5130,36 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 -msgid "ldap_search_timeout (integer)" -msgstr "" +#: sssd-ldap.5.xml:428 +#, fuzzy +#| msgid "ldap_idmap_default_domain (string)" +msgid "ldap_iphost_search_base (string)" +msgstr "ldap_idmap_default_domain (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +#, fuzzy +#| msgid "ldap_idmap_default_domain (string)" +msgid "ldap_ipnetwork_search_base (string)" +msgstr "ldap_idmap_default_domain (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 +msgid "ldap_search_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4975,7 +5167,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4983,12 +5175,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4996,12 +5188,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5012,12 +5204,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5026,12 +5218,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5040,34 +5232,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "ldap_idmap_range_size (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "ldap_idmap_range_size (celé číslo)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5075,14 +5288,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5090,17 +5303,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5110,12 +5323,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5123,17 +5336,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +#, fuzzy +#| msgid "ldap_idmap_range_max (integer)" +msgid "ldap_sasl_maxssf (integer)" +msgstr "ldap_idmap_range_max (celé číslo)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5141,7 +5369,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5152,7 +5380,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5161,7 +5389,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5169,26 +5397,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5196,7 +5424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5204,7 +5432,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5212,41 +5440,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5255,32 +5483,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5288,24 +5516,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5313,17 +5541,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5334,24 +5562,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5362,12 +5590,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5380,7 +5608,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5392,17 +5620,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5410,49 +5638,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5460,28 +5688,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5493,7 +5721,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5501,7 +5729,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5509,39 +5737,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5551,7 +5779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5559,26 +5787,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5586,7 +5814,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5594,31 +5822,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5627,56 +5855,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5692,12 +5920,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5706,14 +5934,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5722,24 +5950,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5747,19 +5975,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5768,7 +5996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5776,7 +6004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5785,7 +6013,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5793,22 +6021,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5818,14 +6046,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5838,12 +6066,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5853,7 +6081,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5863,63 +6091,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5928,74 +6156,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6006,7 +6234,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6014,24 +6242,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6048,12 +6276,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6061,36 +6289,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6098,14 +6326,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6115,101 +6343,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6218,59 +6446,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6279,22 +6507,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6303,14 +6531,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6318,7 +6546,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6331,27 +6559,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6367,13 +6595,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6577,78 +6805,328 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +msgid "The user account has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:414 +msgid "" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 -msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6656,7 +7134,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6668,7 +7146,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7063,168 +7541,183 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "Příklad: <SUBJECT>.*,DC=MOJE,DC=DOMENA" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +#, fuzzy +#| msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "Příklad: <SUBJECT>.*,DC=MOJE,DC=DOMENA" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "digitalSignature" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "nonRepudiation" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "keyEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "dataEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "keyAgreement" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "keyCertSign" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "cRLSign" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "encipherOnly" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "decipherOnly" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "serverAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "clientAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "codeSigning" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "emailProtection" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "timeStamping" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "OCSPSigning" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "KPClientAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "pkinit" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "msScLogin" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7232,62 +7725,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7295,17 +7788,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7314,129 +7807,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7447,12 +7940,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7460,7 +7953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7472,7 +7965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7481,7 +7974,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7491,12 +7984,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7504,40 +7997,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7545,19 +8038,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "{cert[!(bin|base64)]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7567,17 +8060,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "Příklad: (userCertificate;binary={cert!bin})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "{subject_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7585,19 +8078,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7605,7 +8098,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" @@ -7614,12 +8107,12 @@ msgstr "" "(uid={subject_pkinit_principal.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "{subject_nt_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7627,12 +8120,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "{subject_rfc822_name[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7640,7 +8133,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" @@ -7649,12 +8142,12 @@ msgstr "" "short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "{subject_dns_name[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7662,117 +8155,117 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" "Příklad: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "{subject_uri}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "Příklad: (uri={subject_uri})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7782,12 +8275,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7908,7 +8401,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7923,7 +8416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7938,12 +8431,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -7964,12 +8457,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -7993,17 +8486,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8011,7 +8504,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8021,7 +8514,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8038,7 +8531,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8051,12 +8544,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8075,60 +8568,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8242,26 +8735,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8280,7 +8773,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8417,6 +8910,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8589,7 +9083,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8599,88 +9093,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8694,7 +9188,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8702,7 +9196,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8927,25 +9421,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8956,12 +9452,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -8970,7 +9466,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -8979,7 +9475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -8988,14 +9484,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9008,7 +9504,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9017,7 +9513,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9035,24 +9531,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9061,7 +9557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9070,12 +9566,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9085,7 +9581,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9094,16 +9590,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9113,21 +9609,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9137,15 +9633,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9160,23 +9648,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9184,22 +9672,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9210,12 +9698,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9225,12 +9713,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9238,12 +9726,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9259,14 +9747,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9274,7 +9762,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9286,42 +9774,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9337,7 +9825,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9345,7 +9833,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9353,7 +9841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9365,22 +9853,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9396,7 +9884,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9404,7 +9892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9412,7 +9900,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9424,22 +9912,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9454,14 +9942,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9469,7 +9957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9481,23 +9969,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9513,14 +10001,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9528,7 +10016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9539,19 +10027,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9559,7 +10047,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9571,29 +10059,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9601,12 +10089,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9619,57 +10107,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9677,17 +10165,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9697,12 +10185,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +msgid "ad_use_ldaps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9713,19 +10231,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9735,12 +10253,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9748,7 +10266,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9763,7 +10281,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9772,7 +10290,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9780,7 +10298,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9790,7 +10308,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10832,7 +11350,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -13887,10 +14405,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "ldap_idmap_range_size (integer)" msgid "max_ccaches (integer)" -msgstr "ldap_idmap_range_size (celé číslo)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -13904,10 +14420,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "ldap_idmap_range_size (integer)" msgid "max_uid_ccaches (integer)" -msgstr "ldap_idmap_range_size (celé číslo)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -13918,17 +14432,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 200000" msgid "Default: 64" -msgstr "Výchozí: 200000" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "ldap_idmap_range_size (integer)" msgid "max_ccache_size (integer)" -msgstr "ldap_idmap_range_size (celé číslo)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -13939,10 +14449,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 200000" msgid "Default: 65536" -msgstr "Výchozí: 200000" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -14131,10 +14639,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:176 -#, fuzzy -#| msgid "probe sdap_search_send" msgid "probe sdap_parse_entry" -msgstr "vyzkouší sdap_search_send" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:179 @@ -14154,10 +14660,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:190 -#, fuzzy -#| msgid "probe dp_req_done" msgid "probe sdap_parse_entry_done" -msgstr "probe dp_req_done" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:193 @@ -15236,10 +15740,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:742 -#, fuzzy -#| msgid "simple_deny_groups (string)" msgid "ldap_group_type (string)" -msgstr "simple_deny_groups (řetězec)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:745 @@ -15691,6 +16193,114 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +#, fuzzy +#| msgid "ldap_idmap_default_domain (string)" +msgid "ldap_iphost_object_class (string)" +msgstr "ldap_idmap_default_domain (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: 200000" +msgid "Default: ipHost" +msgstr "Výchozí: 200000" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "ldap_idmap_default_domain (string)" +msgid "ldap_iphost_name (string)" +msgstr "ldap_idmap_default_domain (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +#, fuzzy +#| msgid "ldap_idmap_default_domain (string)" +msgid "ldap_iphost_number (string)" +msgstr "ldap_idmap_default_domain (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +msgid "Default: ipHostNumber" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +#, fuzzy +#| msgid "ldap_idmap_default_domain (string)" +msgid "ldap_ipnetwork_object_class (string)" +msgstr "ldap_idmap_default_domain (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +msgid "Default: ipNetwork" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "ldap_idmap_default_domain (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "ldap_idmap_default_domain (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +#, fuzzy +#| msgid "ldap_idmap_default_domain (string)" +msgid "ldap_ipnetwork_number (string)" +msgstr "ldap_idmap_default_domain (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +msgid "Default: ipNetworkNumber" +msgstr "" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15837,8 +16447,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -15938,10 +16548,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 -#, fuzzy -#| msgid "dns_resolver_timeout" msgid "dns_resolver_server_timeout" -msgstr "dns_resolver_timeout" +msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 @@ -16499,40 +17107,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16814,7 +17429,9 @@ msgstr "ldap_id_mapping = true" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +#, fuzzy +#| msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "ldap_sasl_mech = gssapi" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> diff --git a/src/man/po/de.po b/src/man/po/de.po index cb8d12f780..e66e3b173f 100644 --- a/src/man/po/de.po +++ b/src/man/po/de.po @@ -8,9 +8,9 @@ # Mario Blättermann <mario.blaettermann@gmail.com>, 2014 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2014-12-14 11:53+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: German (http://www.transifex.com/projects/p/sssd/language/" @@ -323,10 +323,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Voreinstellung: »true«" @@ -345,21 +345,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Voreinstellung: »false«" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -383,8 +384,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Voreinstellung: 10" @@ -399,7 +400,7 @@ msgid "The [sssd] section" msgstr "Der Abschnitt [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "Abschnittsparameter" @@ -488,7 +489,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "re_expression (Zeichenkette)" @@ -511,12 +512,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "full_name_format (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -528,32 +529,32 @@ msgstr "" "zusammengestellt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "Domain-Name, wie er durch die SSSD-Konfigurationsdatei angegeben wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -562,7 +563,7 @@ msgstr "" "direkt konfiguriert als auch über IPA-Trust" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -572,8 +573,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 +#, fuzzy +#| msgid "" +#| "Each domain can have an individual format string configured. see DOMAIN " +#| "SECTIONS for more info on this option." msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" "Für jede Domain kann eine individuelle Formatzeichenkette konfiguriert " @@ -582,10 +587,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 -#, fuzzy -#| msgid "krb5_use_kdcinfo (boolean)" msgid "monitor_resolv_conf (boolean)" -msgstr "krb5_use_kdcinfo (Boolesch)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 @@ -601,22 +604,11 @@ msgstr "try_inotify (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:338 -#, fuzzy -#| msgid "" -#| "SSSD monitors the state of resolv.conf to identify when it needs to " -#| "update its internal DNS resolver. By default, we will attempt to use " -#| "inotify for this, and will fall back to polling resolv.conf every five " -#| "seconds if inotify cannot be used." msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " "be used." msgstr "" -"SSSD überwacht den Status der »resolv.conf«, um festzustellen, wann es " -"seinen internen DNS-Resolver aktualisieren muss. Standardmäßig werden wir " -"versuchen, dafür Inotify zu benutzen. Falls Inotify nicht benutzt werden " -"kann, werden wir darauf zurückgreifen, alle fünf Sekunden »resolv.conf« " -"abzufragen." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:344 @@ -738,8 +730,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -848,10 +840,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 5" msgid "Default: sha256" -msgstr "Voreinstellung: 5" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -962,12 +952,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -1051,8 +1041,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "Voreinstellung: Nicht gesetzt" @@ -1144,7 +1134,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "Voreinstellung: 60" @@ -1204,8 +1194,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "Voreinstellung: 300" @@ -1301,7 +1291,7 @@ msgstr "" "Sekunden senken. (0 schaltet diese Funktionalität aus.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "Voreinstellung: 50" @@ -1323,7 +1313,7 @@ msgstr "" "Backend erneut gefragt wird)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "Voreinstellung: 15" @@ -1894,7 +1884,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "zeigt N Tage vor Ablauf des Passworts eine Warnung an." @@ -1910,7 +1900,7 @@ msgstr "" "SSSD keine Warnung anzeigen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1929,7 +1919,7 @@ msgstr "" "emphasis> für eine bestimmte Domain außer Kraft gesetzt werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "Voreinstellung: 0" @@ -1992,8 +1982,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "Voreinstellung: none" @@ -2058,8 +2048,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Voreinstellung: False" @@ -2071,64 +2061,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2136,7 +2126,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2148,63 +2138,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2212,12 +2202,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2228,15 +2218,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2244,7 +2234,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2252,13 +2242,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: none" +msgid "Default: no_session" +msgstr "Voreinstellung: none" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "Sudo-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2276,12 +2322,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "sudo_timed (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2291,12 +2337,12 @@ msgstr "" "nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2306,23 +2352,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "AUTOFS-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" "Diese Optionen können zum Konfigurieren des Dienstes »autofs« benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2333,23 +2379,23 @@ msgstr "" "nicht existierende), bevor das Backend erneut befragt wird." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "SSH-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" "Diese Optionen können zum Konfigurieren des SSH-Dienstes benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2358,12 +2404,12 @@ msgstr "" "»known_hosts« zusammengemischt werden oder nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2372,17 +2418,17 @@ msgstr "" "»known_hosts« behalten wird, bevor seine Rechnerschlüssel abgefragt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "Voreinstellung: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2391,14 +2437,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 -#, fuzzy -#| msgid "ldap_user_extra_attrs (string)" +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" -msgstr "ldap_user_extra_attrs (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2408,38 +2452,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -#, fuzzy -#| msgid "Default: not set, i.e. FAST is not used." -msgid "Default: not set, all found rules are used" -msgstr "Voreinstellung: nicht gesetzt, d.h. FAST wird nicht benutzt" +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 +msgid "" +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "PAC-Responder-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2450,7 +2516,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2461,7 +2527,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2470,18 +2536,18 @@ msgstr "" "diesen Gruppen hinzugefügt." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" "Diese Optionen können zur Konfiguration des PAC-Responders verwendet werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2492,14 +2558,14 @@ msgstr "" "beim Starten zu UIDs aufgelöst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Voreinstellung: 0 (Nur dem Benutzer Root ist der Zugriff auf den PAC-" "Responder gestattet.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2512,24 +2578,24 @@ msgstr "" "der Liste der erlaubten UIDs auch die 0 hinzufügen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2539,66 +2605,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2606,17 +2672,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2624,7 +2690,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2632,22 +2698,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "DOMAIN-ABSCHNITTE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2656,14 +2722,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2672,31 +2738,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2705,7 +2771,7 @@ msgstr "" "enthält, der jenseits dieser Beschränkungen liegt, wird er ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2718,7 +2784,7 @@ msgstr "" "werden jene, die im Bereich liegen, wie erwartet gemeldet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2727,17 +2793,17 @@ msgstr "" "den Zwischenspeicher und nicht nur ihre Rückgabe über Name oder ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Voreinstellung: 1 für »min_id«, 0 (keine Beschränkung) für »max_id«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "enumerate (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2746,29 +2812,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Benutzer und Gruppen werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = keine Aufzählungen für diese Domain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "Voreinstellung: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2782,7 +2848,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2792,7 +2858,7 @@ msgstr "" "Ergebnisse zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2807,7 +2873,7 @@ msgstr "" "benutzten »id_provider«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2816,32 +2882,32 @@ msgstr "" "insbesondere in großen Umgebungen, nicht empfohlen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "Alle entdeckten vertrauenswürdigen Domains werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "Keine der entdeckten vertrauenswürdigen Domains wird aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2855,12 +2921,12 @@ msgstr "" "Domains aktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2869,7 +2935,7 @@ msgstr "" "soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2887,17 +2953,17 @@ msgstr "" "wurden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "Voreinstellung: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2906,19 +2972,19 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "Voreinstellung: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2927,12 +2993,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2941,12 +3007,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2955,12 +3021,32 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "entry_cache_user_timeout (Ganzzahl)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider user entries valid before asking " +#| "the backend again" +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" +"bestimmt, wie viele Sekunden lang »nss_sss« Benutzereinträge als gültig " +"betrachten soll, bevor das Backend erneut abgefragt wird." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2969,12 +3055,12 @@ msgstr "" "bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2984,24 +3070,44 @@ msgstr "" "wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "entry_cache_user_timeout (Ganzzahl)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider entries valid before asking the " +#| "backend again" +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" +"bestimmt, wie viele Sekunden lang »nss_sss« Einträge als gültig betrachten " +"soll, bevor das Backend erneut abgefragt wird." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -3011,7 +3117,7 @@ msgstr "" "abgelaufenen oder beinahe abgelaufenen Daten aktualisiert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3020,48 +3126,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Sie können in Betracht ziehen, diesen Wert auf 3/4 * entry_cache_timeout zu " "setzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Voreinstellung: 0 (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "cache_credentials (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "bestimmt, ob auch Benutzerberechtigungen im lokalen LDB-Zwischenspeicher " "zwischengespeichert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Benutzerberechtigungen werden in einem SHA512-Hash, nicht im Klartext " "gespeichert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3069,24 +3187,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3099,17 +3217,17 @@ msgstr "" "Parameters muss größer oder gleich »offline_credentials_expiration« sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3122,17 +3240,17 @@ msgstr "" "Authentifizierungsanbieter konfiguriert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Voreinstellung: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "id_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3140,18 +3258,18 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3159,7 +3277,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3170,8 +3288,8 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3184,8 +3302,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3197,12 +3315,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3212,7 +3330,7 @@ msgstr "" "Benutzers, der an NSS gemeldet wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3226,7 +3344,7 @@ msgstr "" "test@LOCAL</command> würde ihn hingegen finden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3238,22 +3356,24 @@ msgstr "" "nicht voll qualifizierter Name angefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "gibt beim Nachschlagen der Gruppe nicht die Gruppenmitglieder zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3265,7 +3385,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3273,12 +3393,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "auth_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3287,7 +3407,7 @@ msgstr "" "Authentifizierungsanbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3298,7 +3418,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3310,24 +3430,24 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Authentifizierung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "»local«: SSSDs interner Anbieter für lokale Benutzer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "»none« deaktiviert explizit die Authentifizierung." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3336,12 +3456,12 @@ msgstr "" "mit Authentifizierungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "access_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3352,7 +3472,7 @@ msgstr "" "Backends enthalten sind). Interne Spezialanbieter sind:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3361,12 +3481,12 @@ msgstr "" "für eine lokale Domain." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "»deny« verweigert dem Zugriff immer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3379,7 +3499,7 @@ msgstr "" "simple</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3387,22 +3507,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "Voreinstellung: »permit«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "chpass_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3411,7 +3531,7 @@ msgstr "" "Folgende Anbieter von Passwortänderungen werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3419,7 +3539,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3431,19 +3551,19 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Passwortänderung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "»none« verbietet explizit Passwortänderungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3452,19 +3572,19 @@ msgstr "" "kann mit Passwortänderungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "sudo_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "der für diese Domain benutzte Sudo-Anbieter. Folgende Sudo-Anbieter werden " "unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3475,7 +3595,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3484,7 +3604,7 @@ msgstr "" "Vorgabeeinstellungen für IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3493,19 +3613,19 @@ msgstr "" "Vorgabeeinstellungen für AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "»none« deaktiviert explizit Sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Voreinstellung: Falls gesetzt, wird der Wert von »id_provider« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3522,7 +3642,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3531,12 +3651,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "selinux_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3547,7 +3667,7 @@ msgstr "" "Zugriffsanbieter beendet hat. Folgende SELinux-Anbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3559,12 +3679,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "»none« verbietet explizit das Abholen von SELinux-Einstellungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3573,12 +3693,12 @@ msgstr "" "kann SELinux-Ladeanfragen handhaben." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "subdomains_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3588,7 +3708,7 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3600,7 +3720,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3609,17 +3729,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "»none« deaktiviert explizit das Abholen von Subdomains." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3627,37 +3747,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "autofs_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3665,7 +3785,7 @@ msgstr "" "»autofs« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3677,7 +3797,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3689,7 +3809,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3697,17 +3817,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "»none« deaktiviert explizit »autofs«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "hostid_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3716,7 +3836,7 @@ msgstr "" "wird. Folgende Anbieter von »hostid« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3728,12 +3848,81 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "»none« deaktiviert explizit »hostid«." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "sudo_provider (string)" +msgid "resolver_provider (string)" +msgstr "sudo_provider (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +#, fuzzy +#| msgid "" +#| "The provider which should handle change password operations for the " +#| "domain. Supported change password providers are:" +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" +"der Anbieter, der Passwortänderungsaktionen für die Domain handhaben soll. " +"Folgende Anbieter von Passwortänderungen werden unterstützt:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" +"»ldap«, um in LDAP gespeicherte Abbilder zu laden. Weitere Informationen " +"über die Konfiguration von LDAP finden Sie unter <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" +"»ldap«, um in LDAP gespeicherte Abbilder zu laden. Weitere Informationen " +"über die Konfiguration von LDAP finden Sie unter <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2968 +#, fuzzy +#| msgid "<quote>none</quote> disallows fetching subdomains explicitly." +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "»none« deaktiviert explizit das Abholen von Subdomains." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3748,7 +3937,7 @@ msgstr "" "(NetBIOS-) Namen der Domain entsprechen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3760,22 +3949,22 @@ msgstr "" "P<Name>[^@\\\\]+)$))« " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "Benutzername@Domain.Name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "Domain\\Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3785,7 +3974,7 @@ msgstr "" "Windows-Domains zu ermöglichen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3795,7 +3984,7 @@ msgstr "" "bedeutet »der Name ist alles bis zum »@«-Zeichen, die Domain alles danach«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3805,17 +3994,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Voreinstellung: »%1$s@%2$s«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "lookup_family_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3823,46 +4012,46 @@ msgstr "" "ermöglicht es, die bei DNS-Abfragen zu bevorzugende Adressfamilie zu wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "unterstützte Werte:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: versucht die IPv4- und, falls dies fehlschlägt, die IPv6-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: versucht, nur Rechnernamen zu IPv4-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: versucht die IPv6- und, falls dies fehlschlägt, die IPv4-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: versucht, nur Rechnernamen zu IPv6-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "Voreinstellung: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3871,25 +4060,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Voreinstellung: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3898,52 +4087,52 @@ msgstr "" "DNS-Dienstabfrage an." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "Voreinstellung: Der Domain-Teil des Rechnernamens wird benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "override_gid (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "überschreibt die Haupt-GID mit der angegebenen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3951,7 +4140,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3960,17 +4149,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3978,34 +4167,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4013,32 +4202,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "flacher (NetBIOS-) Name einer Subdomain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4053,7 +4242,7 @@ msgstr "" "verwendet werden. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -4061,17 +4250,17 @@ msgstr "" "überschrieben werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Voreinstellung: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "realmd_tags (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -4079,12 +4268,12 @@ msgstr "" "Kennzeichnungen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4093,19 +4282,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4113,24 +4302,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4139,24 +4328,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4166,14 +4355,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4181,21 +4370,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4203,7 +4392,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4212,7 +4401,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4221,7 +4410,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4233,17 +4422,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "das Proxy-Ziel, an das PAM weiterleitet" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4253,12 +4442,12 @@ msgstr "" "hinzufügen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4269,12 +4458,35 @@ msgstr "" "$(libName)_$(function)«, zum Beispiel »_nss_files_getpwent«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +#, fuzzy +#| msgid "proxy_lib_name (string)" +msgid "proxy_resolver_lib_name (string)" +msgstr "proxy_lib_name (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +#, fuzzy +#| msgid "" +#| "The name of the NSS library to use in proxy domains. The NSS functions " +#| "searched for in the library are in the form of _nss_$(libName)_" +#| "$(function), for example _nss_files_getpwent." +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" +"der Name der NSS-Bibliothek, der für die Proxy-Domains benutzt werden soll. " +"Die in der NSS-Funktionen gesuchten Funktionen haben die Form »_nss_" +"$(libName)_$(function)«, zum Beispiel »_nss_files_getpwent«." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4288,12 +4500,12 @@ msgstr "" "veranlassen, die ID im Zwischenspeicher nachzuschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4301,7 +4513,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4310,12 +4522,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4332,7 +4544,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4340,17 +4552,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4359,7 +4571,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4369,7 +4581,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -4389,12 +4601,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "Der Abschnitt lokale Domain" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4405,29 +4617,29 @@ msgstr "" "<replaceable>ID_Anbieter=lokal</replaceable> benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "default_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "die Standard-Shell für Anwender, die mit den SSSD-Werkzeugen für den " "Benutzerbereich erstellt wurde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "Voreinstellung: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "base_directory (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4436,17 +4648,17 @@ msgstr "" "replaceable> und benutzen dies als Home-Verzeichnis." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "Voreinstellung: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "create_homedir (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4455,17 +4667,17 @@ msgstr "" "werden soll; kann auf der Befehlszeile überschrieben werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "Voreinstellung: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "remove_homedir (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4474,12 +4686,12 @@ msgstr "" "entfernt werden soll; kann auf der Befehlszeile überschrieben werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "homedir_umask (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4490,17 +4702,17 @@ msgstr "" "Standardzugriffsrechte für ein neu erstelltes Home-Verzeichnis anzugeben." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "Voreinstellung: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "skel_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4513,17 +4725,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry> erstellt wird" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "Voreinstellung: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "mail_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4534,17 +4746,17 @@ msgstr "" "wurde. Ist dies nicht angegeben wird ein Standardwert verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "Voreinstellung: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "userdel_cmd (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4556,17 +4768,17 @@ msgstr "" "berücksichtigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "Voreinstellung: keine, es wird kein Befehl ausgeführt" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4577,69 +4789,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4652,7 +4864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4660,7 +4872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4669,55 +4881,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4726,17 +4938,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4744,26 +4956,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4772,17 +4984,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4792,7 +5004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4801,59 +5013,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4861,14 +5073,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4876,7 +5088,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4884,12 +5096,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4943,7 +5155,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4952,7 +5164,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4960,7 +5172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4971,7 +5183,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4985,7 +5197,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -5172,7 +5384,7 @@ msgstr "" "rfc/rfc2254.txt spezifiziert, sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "Beispiele:" @@ -5371,27 +5583,40 @@ msgstr "obfuscated_password" msgid "Default: password" msgstr "Voreinstellung: password" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" +"Weitere Informationen über die Locator-Erweiterung finden Sie auf der " +"Handbuchseite <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" -"das Authentifizierungs-Token des Standard-Bind-Domain-Namens. Derzeit werden " -"nur Klartextpasswörter unterstützt." +#: sssd-ldap.5.xml:296 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The authentication token of the default bind DN." +msgstr "der Typ des Authentifizierungs-Tokens des Standard-Bind-Domain-Namens" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5404,12 +5629,12 @@ msgstr "" "ungleich Null, falls Sie einen Realm in Großbuchstaben wünschen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5418,12 +5643,12 @@ msgstr "" "Zwischenspeicher aufgezählter Datensätze aktualisiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5434,7 +5659,7 @@ msgstr "" "haben) und diese entfernt werden, um Platz zu sparen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5443,12 +5668,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5460,7 +5685,7 @@ msgstr "" "das Schema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5477,7 +5702,7 @@ msgstr "" "erfolgt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5487,12 +5712,12 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "Voreinstellung: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -5502,24 +5727,24 @@ msgstr "" "und neuere Versionen ausgeführt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für " "Rechnerobjekte" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5529,22 +5754,36 @@ msgstr "" "unter »ldap_search_base«." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Voreinstellung: der Wert von <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +#, fuzzy +#| msgid "ipa_host_search_base (string)" +msgid "ldap_iphost_search_base (string)" +msgstr "ipa_host_search_base (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +#, fuzzy +#| msgid "ldap_netgroup_search_base (string)" +msgid "ldap_ipnetwork_search_base (string)" +msgstr "ldap_netgroup_search_base (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5555,7 +5794,7 @@ msgstr "" "Ergebnisse zurückgegeben werden (und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5566,12 +5805,12 @@ msgstr "" "Zeitüberschreitungspunkten für spezielle Nachschlagetypen ersetzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5583,12 +5822,12 @@ msgstr "" "(und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5605,12 +5844,12 @@ msgstr "" "citerefentry> zurückkehrt, falls keine Aktivität stattfindet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5619,12 +5858,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5638,17 +5877,38 @@ msgstr "" "Lebensdauer) verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "Voreinstellung: 900 (15 Minuten)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "ldap_connection_expire_timeout (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "ldap_connection_expire_timeout (Ganzzahl)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -5658,17 +5918,17 @@ msgstr "" "pro Anfrage." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "Voreinstellung: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5680,7 +5940,7 @@ msgstr "" "deaktiviert ist oder sich nicht ordnungsgemäß verhält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -5690,7 +5950,7 @@ msgstr "" "aber nicht in der Lage, es zu benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5702,17 +5962,17 @@ msgstr "" "abgelehnt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "deaktiviert die Bereichsabfrage von Active Directory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5728,12 +5988,12 @@ msgstr "" "es so aussehen, als ob große Gruppen keine Mitglieder hätten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5744,19 +6004,42 @@ msgstr "" "Werte dieser Option werden durch OpenLDAP definiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Voreinstellung: verwendet die Voreinstellungen des System (normalerweise in " "»ldap.conf« angegeben)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +#, fuzzy +#| msgid "ldap_sasl_minssf (integer)" +msgid "ldap_sasl_maxssf (integer)" +msgstr "ldap_sasl_minssf (Ganzzahl)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +#, fuzzy +#| msgid "" +#| "When communicating with an LDAP server using SASL, specify the minimum " +#| "security level necessary to establish the connection. The values of this " +#| "option are defined by OpenLDAP." +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" +"Wenn mittels SASL mit einem LDAP-Server kommuniziert wird, gibt dies die " +"mindestens nötige Sicherheitsstufe zum Herstellen der Verbindung an. Die " +"Werte dieser Option werden durch OpenLDAP definiert." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5768,7 +6051,7 @@ msgstr "" "nachgeschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5779,7 +6062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5792,7 +6075,7 @@ msgstr "" "unterstützten Server sind 389/RHDS, OpenLDAP und Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5803,12 +6086,12 @@ msgstr "" "Nachschlagen ohne Rücksicht auf die Einstellung deaktiviert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -5818,7 +6101,7 @@ msgstr "" "Werte angegeben werden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5827,7 +6110,7 @@ msgstr "" "oder anfordern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5839,7 +6122,7 @@ msgstr "" "Sitzung fährt normal fort." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5850,7 +6133,7 @@ msgstr "" "ungültiges Zertifikat bereitgestellt wird, wird die Sitzung sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5861,22 +6144,22 @@ msgstr "" "sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = entspricht »demand«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "Voreinstellung: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -5885,7 +6168,7 @@ msgstr "" "die <command>sssd</command> erkennen wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -5894,12 +6177,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5913,33 +6196,33 @@ msgstr "" "Erstellen der korrekten Namen verwendet werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "gibt die Datei an, die das Zertifikat für den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "gibt die Datei an, die den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5947,12 +6230,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -5961,12 +6244,12 @@ msgstr "" "\">tls</systemitem> benutzen muss, um den Kanal abzusichern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5978,19 +6261,19 @@ msgstr "" "verlassen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Derzeit unterstützt diese Funktionalität nur das Abbilden von Active-" "Directory-ObjectSIDs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6009,24 +6292,24 @@ msgstr "" "Abbildung von IDs wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "Voreinstellung: nicht gesetzt (beide Optionen sind auf 0 gesetzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6037,12 +6320,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -6055,7 +6338,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6067,17 +6350,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "Voreinstellung Rechner/MeinRechner@BEREICH" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6088,17 +6371,17 @@ msgstr "" "»ldap_sasl_authid« ebenfalls den Realm enthält, wird diese Option ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "Voreinstellung: der Wert von »krb5_realm«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6108,34 +6391,34 @@ msgstr "" "Bind in eine kanonische Form zu bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "Voreinstellung: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Voreinstellung: Keytab des Systems, normalerweise <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6143,28 +6426,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "Voreinstellung: 86400 (24 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6183,7 +6466,7 @@ msgstr "" "Weitere Informationen finden Sie im Abschnitt »DIENSTSUCHE«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6194,7 +6477,7 @@ msgstr "" "Protokoll angeben. Falls keine gefunden werden, weicht es auf _tcp aus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6206,29 +6489,29 @@ msgstr "" "migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Voreinstellung: Systemvoreinstellungen, siehe <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6238,12 +6521,12 @@ msgstr "" "Kerberos >= 1.7 verfügbar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6259,7 +6542,7 @@ msgstr "" "manvolnum> </citerefentry> einrichten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6270,12 +6553,12 @@ msgstr "" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6284,7 +6567,7 @@ msgstr "" "Passworts abgeschätzt werden soll. Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6293,7 +6576,7 @@ msgstr "" "kann keine Server-seitigen Passwortregelwerke deaktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6304,7 +6587,7 @@ msgstr "" "manvolnum></citerefentry>, um abzuschätzen, ob das Passwort erloschen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6316,7 +6599,7 @@ msgstr "" "Passwort geändert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -6326,17 +6609,17 @@ msgstr "" "festgelegten Regel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "gibt an, ob automatische Verweisverfolgung aktiviert werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6345,7 +6628,7 @@ msgstr "" "mit OpenLDAP Version 2.4.13 oder höher kompiliert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6359,28 +6642,28 @@ msgstr "" "merkliche Leistungsverbesserung bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "gibt an, welcher Dienstname bei aktivierter Dienstsuche benutzt werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "Voreinstellung: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6389,17 +6672,17 @@ msgstr "" "soll, der Passwortänderungen bei aktivierter Dienstsuche ermöglicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Voreinstellung: nicht gesetzt, d.h. Dienstsuche ist deaktiviert" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -6408,12 +6691,12 @@ msgstr "" "Passwortänderung mit Unix-Zeit geändert wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6443,12 +6726,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "Beispiel:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6460,7 +6743,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -6469,7 +6752,7 @@ msgstr "" "beschränkt, deren employeeType-Attribut auf »admin« gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6478,17 +6761,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "Voreinstellung: leer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6497,7 +6780,7 @@ msgstr "" "Zugriffssteuerungsattribute aktiviert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6508,12 +6791,12 @@ msgstr "" "einem geeigneten Fehlercode zurückweisen, wenn das Passwort korrekt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6522,7 +6805,7 @@ msgstr "" "»ldap_user_shadow_expire«, um zu bestimmen, ob das Konto abgelaufen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6535,7 +6818,7 @@ msgstr "" "gewährt. Außerdem wird die Ablaufzeit des Kontos geprüft." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6546,7 +6829,7 @@ msgstr "" "Zugriff erlaubt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6559,7 +6842,7 @@ msgstr "" "Zugriff gewährt wird. Falls diese Attribute fehlen, wird Zugriff erteilt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6570,24 +6853,24 @@ msgstr "" "»ldap_account_expire_policy« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "ldap_access_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "durch Kommata getrennte Liste von Zugriffssteuerungsoptionen. Folgende Werte " "sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: verwendet »ldap_access_filter«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6597,14 +6880,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6617,12 +6900,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: verwendet »ldap_account_expire_policy«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6632,7 +6915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6642,20 +6925,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -6664,33 +6947,33 @@ msgstr "" "»authorizedService«, um zu bestimmen, ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: verwendet das Attribut »host«, um zu bestimmen, " "ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "Voreinstellung: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -6699,12 +6982,12 @@ msgstr "" "mehr als einmal benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6713,22 +6996,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "ldap_deref (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -6737,12 +7020,12 @@ msgstr "" "folgenden Optionen sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: Alias werden nie dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -6752,7 +7035,7 @@ msgstr "" "Suche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -6761,7 +7044,7 @@ msgstr "" "der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -6770,7 +7053,7 @@ msgstr "" "Orten des Basisobjekts der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -6779,12 +7062,12 @@ msgstr "" "<emphasis>never</emphasis> gehandhabt.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -6793,7 +7076,7 @@ msgstr "" "beizubehalten, die das Schema RFC2307 benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6811,7 +7094,7 @@ msgstr "" "getpw*() oder initgroups() abzurufen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6822,36 +7105,29 @@ msgstr "" "die lokalen Benutzer um zusätzliche LDAP-Gruppen erweitert werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 -#, fuzzy -#| msgid "" -#| "All of the common configuration options that apply to SSSD domains also " -#| "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " -#| "<placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "All of the common configuration options that apply to SSSD domains also " "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " @@ -6861,19 +7137,14 @@ msgid "" "<refentrytitle>sssd-ldap-attributes</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> manual page. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Alle häufigen Konfigurationsoptionen, die für SSSD-Domains gelten, gelten " -"auch für LDAP-Domains. Umfassende Einzelheiten finden Sie im Abschnitt " -"»DOMAIN-ABSCHNITTE« der Handbuchseite <citerefentry> <refentrytitle>sssd." -"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>. <placeholder " -"type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "SUDO-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6884,12 +7155,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -6899,7 +7170,7 @@ msgstr "" "heruntergeladen werden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -6908,17 +7179,17 @@ msgstr "" "emphasis> sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "Voreinstellung: 21600 (6 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6926,7 +7197,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -6935,7 +7206,7 @@ msgstr "" "das Attribut »modifyTimestamp« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6945,12 +7216,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -6960,12 +7231,12 @@ msgstr "" "Netzwerkadressen und Rechnernamen)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -6974,7 +7245,7 @@ msgstr "" "Domain-Namen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -6983,8 +7254,8 @@ msgstr "" "voll qualifizierten Domain-Namen automatisch herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -6993,17 +7264,17 @@ msgstr "" "emphasis> ist, hat diese Option keine Auswirkungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "Voreinstellung: nicht angegeben" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7012,7 +7283,7 @@ msgstr "" "Netzwerkadressen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7021,12 +7292,12 @@ msgstr "" "herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7035,12 +7306,12 @@ msgstr "" "eine Netzgruppe im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7049,14 +7320,14 @@ msgstr "" "einen Platzhalter im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7069,59 +7340,59 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "AUTOFS-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "Der Name der Automount-Master-Abbildung in LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "Voreinstellung: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "ERWEITERTE OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7130,22 +7401,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7154,14 +7425,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "BEISPIEL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7172,7 +7443,7 @@ msgstr "" "gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7185,27 +7456,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7221,13 +7492,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "ANMERKUNGEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7531,11 +7802,265 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The user's authentication token has expired." +msgstr "der Typ des Authentifizierungs-Tokens des Standard-Bind-Domain-Namens" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +#, fuzzy +#| msgid "Unlock the user account." +msgid "The user account has expired." +msgstr "entsperrt das Benutzerkonto." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:414 +msgid "" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:464 msgid "FILES" msgstr "DATEIEN" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7547,7 +8072,7 @@ msgstr "" "Anweisungen enthalten, wie ein Passwort zurückgesetzt wird." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7567,7 +8092,7 @@ msgstr "" "Leserechte haben dürfen." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -8017,168 +8542,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -8186,62 +8724,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -8249,17 +8787,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -8268,129 +8806,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -8401,12 +8939,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -8414,7 +8952,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -8426,7 +8964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -8435,7 +8973,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -8445,12 +8983,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -8458,40 +8996,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -8499,19 +9037,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -8521,17 +9059,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -8539,19 +9077,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -8559,19 +9097,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -8579,12 +9117,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -8592,19 +9130,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -8612,116 +9150,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -8731,12 +9269,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -8879,7 +9417,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "dyndns_update (Boolesch)" @@ -8894,7 +9432,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8916,12 +9454,12 @@ msgstr "" "Konfigurationsdatei migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8950,12 +9488,12 @@ msgid "Default: 1200 (seconds)" msgstr "Voreinstellung: 1200 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "dyndns_iface (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8983,17 +9521,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9001,7 +9539,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -9011,7 +9549,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "aktiviert DNS-Sites – standortbasierte Dienstsuche" @@ -9036,7 +9574,7 @@ msgstr "" "gefundenen als Sicherungsserver." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (Ganzzahl)" @@ -9052,12 +9590,12 @@ msgstr "" "Diese Option ist optional und nur anwendbar, wenn »dyndns_update« »true« ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9082,12 +9620,12 @@ msgid "Default: False (disabled)" msgstr "Voreinstellung: False (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -9096,48 +9634,48 @@ msgstr "" "DNS-Server verwenden soll" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Voreinstellung: False (lässt Nsupdate das Protokoll auswählen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9264,26 +9802,26 @@ msgstr "" "zu verwenden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9302,7 +9840,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "Voreinstellung: 5 (Sekunden)" @@ -9445,6 +9983,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "Voreinstellung: cn" @@ -9629,7 +10168,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -9639,88 +10178,96 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 +#, fuzzy +#| msgid "" +#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " +#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +#| "manvolnum> </citerefentry> manual page for more details." msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" +"Weitere Einzelheiten finden Sie in der Handbuchseite <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> beim Parameter »dns_discovery_domain«." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -9734,7 +10281,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9746,7 +10293,7 @@ msgstr "" "Optionen von IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -9990,32 +10537,43 @@ msgstr "ad_hostname (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 +#, fuzzy +#| msgid "" +#| "Optional. May be set on machines where the hostname(5) does not reflect " +#| "the fully qualified name used in the Active Directory domain to identify " +#| "this host." msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" "optional, kann auf Maschinen, bei denen »hostname(5)« nicht den voll " "qualifizierten Namen in der Active-Directory-Domain widerspiegelt, benutzt " "werden, um sie zu identifizieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 +#, fuzzy +#| msgid "" +#| "This field is used to determine the host principal in use in the keytab. " +#| "It must match the hostname for which the keytab was issued." msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" "Dieses Feld wird benutzt, um den in der Keytab benutzten Host Principal zu " "bestimmen. Er muss dem Rechnernamen entsprechen, für die die Keytab " "ausgegeben wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -10033,12 +10591,12 @@ msgstr "" "Aufdeckung verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "ad_access_filter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -10051,7 +10609,7 @@ msgstr "" "quote> gesetzt werden muss, damit sie wirksam ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -10064,7 +10622,7 @@ msgstr "" "<quote>FOREST</quote> sein oder auch weggelassen werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -10078,7 +10636,7 @@ msgstr "" "<quote>NAME</quote> angegeben ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." @@ -10087,7 +10645,7 @@ msgstr "" "so wie es auch in Suchmaschinen üblich ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -10100,7 +10658,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -10114,7 +10672,7 @@ msgstr "" "der erste verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -10132,24 +10690,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -10163,7 +10721,7 @@ msgstr "" "dem LDAP-Port des aktuellen Servers." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -10178,12 +10736,12 @@ msgstr "" "können." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -10197,33 +10755,25 @@ msgstr "" "auf <quote>ad</quote> gesetzt werden muss, damit sie wirksam ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 -#, fuzzy -#| msgid "" -#| "GPO-based access control functionality uses GPO policy settings to " -#| "determine whether or not a particular user is allowed to logon to a " -#| "particular host." +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " "information on the supported policy settings please refer to the " "<quote>ad_gpo_map</quote> options." msgstr "" -"Die GPO-basierte Zugriffskontrolle verwendet gesetzte GPO-Regeln, um zu " -"ermitteln, ob sich ein bestimmter Benutzer an einem bestimmten Rechner " -"anmelden darf." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -10233,21 +10783,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -10257,25 +10807,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 -#, fuzzy -#| msgid "" -#| "NOTE: If the operation mode is set to enforcing, it is possible that " -#| "users that were previously allowed logon access will now be denied logon " -#| "access (as dictated by the GPO policy settings). In order to facilitate a " -#| "smooth transition for administrators, a permissive mode is available that " -#| "will not enforce the access control rules, but will evaluate them and " -#| "will output a syslog message if access would have been denied. By " -#| "examining the logs, administrators can then make the necessary changes " -#| "before setting the mode to enforcing." +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -10288,24 +10820,14 @@ msgid "" "functions' is required (see <citerefentry> <refentrytitle>sssctl</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page)." msgstr "" -"ACHTUNG: Wird der Operationsmodus auf »enforcing« gesetzt, dann ist es " -"möglich, dass Benutzern, denen früher bereits einmal Zugriff gewährt wurde, " -"ihnen dieser nun verweigert wird (sofern dies von den GPO-Regeln " -"vorgeschrieben wird). Um Administratoren einen weichen Übergang zu " -"ermöglichen, ist der Modus »permissive« verfügbar, der die Umsetzung der " -"Zugriffskontrollregeln nicht erzwingt. Diese werden lediglich ausgewertet " -"und eine Meldung geht an das Systemprotokoll, falls tatsächlich der Zugriff " -"verweigert werden würde. Nach dem Untersuchen der Protokolle können " -"Administratoren nun die nötigen Änderungen vornehmen, bevor der Modus auf " -"»enforcing« gesetzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "Für diese Option werden drei Werte unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" @@ -10313,14 +10835,14 @@ msgstr "" "deren Anwendung erzwungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" "enforcing: GPO-basierte Zugriffskontrollregeln werden sowohl ausgewertet als " "auch deren Anwendung erzwungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -10332,22 +10854,22 @@ msgstr "" "verweigert werden würde, wenn die Option auf »enforcing« gesetzt wäre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "Voreinstellung: permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -10358,12 +10880,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -10373,12 +10895,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10386,12 +10908,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10407,14 +10929,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10422,7 +10944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10434,42 +10956,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10485,7 +11007,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10493,7 +11015,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10501,7 +11023,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10513,22 +11035,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10544,7 +11066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10552,7 +11074,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10560,7 +11082,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10572,22 +11094,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10602,14 +11124,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10617,7 +11139,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10629,23 +11151,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10661,14 +11183,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10676,7 +11198,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10687,19 +11209,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10707,7 +11229,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10719,29 +11241,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10749,12 +11271,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10767,57 +11289,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10825,17 +11347,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10845,12 +11367,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +#, fuzzy +#| msgid "ldap_id_use_start_tls (boolean)" +msgid "ad_use_ldaps (bool)" +msgstr "ldap_id_use_start_tls (Boolesch)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10868,19 +11422,19 @@ msgstr "" "»dyndns_iface« angegeben wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "Voreinstellung: 3600 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10890,12 +11444,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Voreinstellung: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10907,7 +11461,7 @@ msgstr "" "Optionen von AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10931,7 +11485,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10943,7 +11497,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10954,7 +11508,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10964,7 +11518,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -11553,17 +12107,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:259 -#, fuzzy -#| msgid "" -#| "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " -#| "applications will not use the fast in memory cache." msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in-memory cache." msgstr "" -"Falls die Umgebungsvariable SSS_NSS_USE_MEMCACHE auf »NO« gesetzt ist, " -"nutzen Client-Anwendungen den schnellen speicherinternen Zwischenspeicher " -"nicht." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 @@ -12207,9 +12754,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:47 +#, fuzzy +#| msgid "" +#| "This backend also provides access control based on the .k5login file in " +#| "the home directory of the user. See <citerefentry> <refentrytitle>." +#| "k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more " +#| "details. Please note that an empty .k5login file will deny all access to " +#| "this user. To activate this feature, use 'access_provider = krb5' in your " +#| "SSSD configuration." msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -12779,20 +13334,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:524 -#, fuzzy -#| msgid "" -#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" -#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " -#| "more information on the locator plugin." msgid "" "For example <emphasis>10:0</emphasis> means that up to 10 primary servers " "will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> but no backup " "servers." msgstr "" -"Weitere Informationen über die Locator-Erweiterung finden Sie auf der " -"Handbuchseite <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:533 @@ -15539,25 +16086,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:175 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of the AD provider for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. For a detailed syntax reference, refer to " -#| "the <quote>FILE FORMAT</quote> section of the <citerefentry> " -#| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> manual page." msgid "" "The KCM service is configured in the <quote>kcm</quote> For a detailed " "syntax reference, refer to the <quote>FILE FORMAT</quote> section of the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" -"Diese Handbuchseite beschreibt die Konfiguration des AD-Anbieters für " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Eine ausführliche Syntax-Referenz finden Sie im Abschnitt " -"»DATEIFORMAT« der Handbuchseite <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:183 @@ -15586,10 +16120,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_ccaches (integer)" -msgstr "enum_cache_timeout (Ganzzahl)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -15603,10 +16135,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "min_id,max_id (integer)" msgid "max_uid_ccaches (integer)" -msgstr "min_id,max_id (Ganzzahl)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -15617,17 +16147,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 64" -msgstr "Voreinstellung: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "ldap_page_size (integer)" msgid "max_ccache_size (integer)" -msgstr "ldap_page_size (Ganzzahl)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -15638,10 +16164,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 65536" -msgstr "Voreinstellung: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -15842,17 +16366,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:184 -#, fuzzy, no-wrap -#| msgid "" -#| "user_attributes = +telephoneNumber, -loginShell\n" -#| " " +#, no-wrap msgid "" "attr:string\n" "value:string\n" " " msgstr "" -"user_attributes = +telephoneNumber, -loginShell\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:190 @@ -16121,10 +16640,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:439 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_perf.stp" -msgstr "ldap_deref (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:442 @@ -16143,28 +16660,16 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap-attributes.5.xml:10 sssd-ldap-attributes.5.xml:16 -#, fuzzy -#| msgid "sssd-ldap" msgid "sssd-ldap-attributes" -msgstr "sssd-ldap" +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap-attributes.5.xml:17 -#, fuzzy -#| msgid "SSSD LDAP provider" msgid "SSSD LDAP Provider: Mapping Attributes" -msgstr "SSSD LDAP-Anbieter" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap-attributes.5.xml:23 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of LDAP domains for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. Refer to the <quote>FILE FORMAT</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " -#| "information." msgid "" "This manual page describes the mapping attributes of SSSD LDAP provider " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -16172,11 +16677,6 @@ msgid "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page " "for full details about SSSD LDAP provider configuration options." msgstr "" -"Diese Handbuchseite beschreibt die Konfiguration von LDAP-Domains für " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Detaillierte Syntax-Informationen finden Sie im Abschnitt " -"»DATEIFORMAT« der Handbuchseite <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:38 @@ -17043,10 +17543,8 @@ msgstr "ldap_group_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:742 -#, fuzzy -#| msgid "ldap_group_name (string)" msgid "ldap_group_type (string)" -msgstr "ldap_group_name (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:745 @@ -17271,10 +17769,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:968 -#, fuzzy -#| msgid "SERVICES SECTIONS" msgid "SERVICE ATTRIBUTES" -msgstr "DIENSTABSCHNITTE" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:972 @@ -17522,10 +18018,141 @@ msgstr "Voreinstellung: sudoOrder" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:1177 -#, fuzzy -#| msgid "AUTOFS OPTIONS" msgid "AUTOFS ATTRIBUTES" -msgstr "AUTOFS-OPTIONEN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +#, fuzzy +#| msgid "ldap_user_object_class (string)" +msgid "ldap_iphost_object_class (string)" +msgstr "ldap_user_object_class (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +#, fuzzy +#| msgid "The object class of a user entry in LDAP." +msgid "The object class of an iphost entry in LDAP." +msgstr "die Objektklasse eines Benutzereintrags in LDAP" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: host" +msgid "Default: ipHost" +msgstr "Voreinstellung: host" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "ad_hostname (string)" +msgid "ldap_iphost_name (string)" +msgstr "ad_hostname (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" +"das LDAP-Attribut, das die Namen von Dienstattributen und ihre Alias enthält" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_iphost_number (string)" +msgstr "ldap_user_uid_number (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +#, fuzzy +#| msgid "The LDAP attribute that contains the names of the group's members." +msgid "The LDAP attribute that contains the IP host address." +msgstr "das LDAP-Attribut, das die Namen der Gruppenmitglieder enthält" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipHostNumber" +msgstr "Voreinstellung: uidNumber" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +#, fuzzy +#| msgid "ldap_netgroup_object_class (string)" +msgid "ldap_ipnetwork_object_class (string)" +msgstr "ldap_netgroup_object_class (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +#, fuzzy +#| msgid "The object class of a netgroup entry in LDAP." +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "die Objektklasse eines Netzgruppeneintrags in LDAP" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: password" +msgid "Default: ipNetwork" +msgstr "Voreinstellung: password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "ldap_netgroup_name (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "ldap_netgroup_name (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" +"das LDAP-Attribut, das die Namen von Dienstattributen und ihre Alias enthält" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_ipnetwork_number (string)" +msgstr "ldap_user_uid_number (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the IP network address." +msgstr "" +"das LDAP-Attribut, das die öffentlichen SSH-Schlüssel des Benutzers enthält" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipNetworkNumber" +msgstr "Voreinstellung: uidNumber" #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 @@ -17693,8 +18320,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -17825,10 +18452,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 -#, fuzzy -#| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout" -msgstr "dns_resolver_timeout (Ganzzahl)" +msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 @@ -18514,6 +19139,19 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 +#, fuzzy +#| msgid "" +#| "<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Extremely low-level " +#| "tracing information." +msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" +"<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Verfolgungsmeldungen " +"extrem niederster Ebene." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" @@ -18522,7 +19160,7 @@ msgstr "" "hinzu, wie in den folgenden Beispielen gezeigt:" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." @@ -18531,7 +19169,7 @@ msgstr "" "und Funktionsdaten zu protokollieren, benutzen Sie 0x0270." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." @@ -18541,7 +19179,7 @@ msgstr "" "interne Steuerfunktionen zu protokollieren, benutzen Sie 0x1310." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." @@ -18550,14 +19188,14 @@ msgstr "" "1.7.0 eingeführt." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "<emphasis>Voreinstellung</emphasis>: 0" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -18880,8 +19518,10 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" -msgstr "" +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech = GSS-SPNEGO" +msgstr "ldap_sasl_mech (Zeichenkette)" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:48 @@ -19038,19 +19678,9 @@ msgstr "" msgid "ldap_group_external_member = ipaExternalMember" msgstr "" -#~ msgid "Default: homeDirectory" -#~ msgstr "Voreinstellung: homeDirectory" - -#~ msgid "ldap_group_type (integer)" -#~ msgstr "ldap_group_type (Ganzzahl)" - #~ msgid "" -#~ "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#~ "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -#~ "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -#~ "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" +#~ "The authentication token of the default bind DN. Only clear text " +#~ "passwords are currently supported." #~ msgstr "" -#~ "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#~ "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -#~ "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -#~ "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" +#~ "das Authentifizierungs-Token des Standard-Bind-Domain-Namens. Derzeit " +#~ "werden nur Klartextpasswörter unterstützt." diff --git a/src/man/po/es.po b/src/man/po/es.po index f32f5fbaec..6ade7699ac 100644 --- a/src/man/po/es.po +++ b/src/man/po/es.po @@ -13,12 +13,13 @@ # Daniel Cabrera <logan@fedoraproject.org>, 2011 # Emilio Herrera <ehespinosa57@gmail.com>, 2018. #zanata # Emilio Herrera <ehespinosa57@gmail.com>, 2019. #zanata +# Emilio Herrera <ehespinosa57@gmail.com>, 2020. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" -"PO-Revision-Date: 2019-11-16 03:52+0000\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" +"PO-Revision-Date: 2020-03-13 04:14+0000\n" "Last-Translator: Emilio Herrera <ehespinosa57@gmail.com>\n" "Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/" "es/)\n" @@ -363,10 +364,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Predeterminado: true" @@ -388,21 +389,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Predeterminado: false" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -429,8 +431,8 @@ msgstr "" "Advierta que después de tres pulsaciones perdidas el servicio se terminará." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Predeterminado: 10" @@ -445,7 +447,7 @@ msgid "The [sssd] section" msgstr "La sección [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "Parámetros de sección" @@ -546,7 +548,7 @@ msgstr "" "bajos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -571,12 +573,12 @@ msgstr "" "las SECCIONES DOMINIO para mas información sobre estas expresiones regulares." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -588,33 +590,33 @@ msgstr "" "dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "nombre de usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" "nombre de dominio como se especifica en el fichero de configuración SSSD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -624,7 +626,7 @@ msgstr "" "medio de IPA de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -634,8 +636,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 +#, fuzzy +#| msgid "" +#| "Each domain can have an individual format string configured. see DOMAIN " +#| "SECTIONS for more info on this option." msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" "Cada dominio puede tener una cadena de formato individual configurar. Vea " @@ -643,10 +649,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 -#, fuzzy -#| msgid "krb5_use_kdcinfo (boolean)" msgid "monitor_resolv_conf (boolean)" -msgstr "krb5_use_kdcinfo (booleano)" +msgstr "monitor_resolv_conf (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 @@ -654,6 +658,8 @@ msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" +"Controla si SSSD monitorizaría el estado de resolv.conf para identificar " +"cuando necesita actualizar su interfaz de resolución DNS interno." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:335 @@ -662,21 +668,14 @@ msgstr "try_inotify (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:338 -#, fuzzy -#| msgid "" -#| "SSSD monitors the state of resolv.conf to identify when it needs to " -#| "update its internal DNS resolver. By default, we will attempt to use " -#| "inotify for this, and will fall back to polling resolv.conf every five " -#| "seconds if inotify cannot be used." msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " "be used." msgstr "" -"SSSD monitorea el estado de resolv.conf para saber cuando es necesario " -"actualizar su resolutor DNS interno. Por defecto, intentaremos utilizar para " -"ello la herramienta inotify, quien consultará a resolv.conf cada cinco " -"segundos en caso que inotify no pueda ser utilizado." +"Por defecto, SSSD intentará usar inotify para monitorizar cambios en los " +"ficheros de configuración y volverá a sondear cada cinco segundos si inotify " +"no puede ser usado." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:344 @@ -796,13 +795,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:420 -#, fuzzy -#| msgid "" -#| "Please note that if this option is set all users from the primary domain " -#| "have to use their fully qualified name, e.g. user@domain.name, to log in. " -#| "Setting this option changes default of use_fully_qualified_names to True. " -#| "It is not allowed to use this option together with " -#| "use_fully_qualified_names set to False." msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -813,15 +805,19 @@ msgid "" "nss_files and therefore their output is not qualified even when the " "default_domain_suffix option is used." msgstr "" -"Por favor advierta que si se ajusta esta opción todos los usuarios del " -"domino primario tiene que usar su nombre totalmente cualificado, e.g. " -"user@domain.name, para acceder. Fijando esta opción cambia el predeterminado " -"de use_fully_qualified_names a True. No está permitido usar esta opción unto " -"con use_fully_qualified_names fijado a False." +"Por favor advierta que si esta opción está establecida todos los usuarios " +"del dominio primario tienen que usar su nombre totalmente cualificado, e.g. " +"user@domain.name, para acceder. El establecimiento de esta opción cambia el " +"comportamiento predeterminado de use_fully_qualified_names a True. No está " +"permitido el uso de esta opción junto con use_fully_qualified_names " +"establecido a False. Una excepción de esta regla son los dominios con " +"<quote>id_provider=files</quote> que siempre intentan igualar el " +"comportamiento de nss_files y por lo tanto su salida es no cualificada aún " +"cuando se use la opción default_domain_suffix." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -892,15 +888,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:483 -#, fuzzy -#| msgid "no_ocsp" msgid "soft_ocsp" -msgstr "no_ocsp" +msgstr "soft_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:485 sssd.conf.5.xml:585 msgid "(NSS Version) This option is ignored." -msgstr "" +msgstr "(Versión NSS) Esta opción es ignorada." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:488 @@ -910,11 +904,15 @@ msgid "" "authentication when the system is offline and the OCSP responder cannot be " "reached." msgstr "" +"(Versión OpenSSL) S no se puede establecer una conexión con un contestador " +"OCSP la comprobación OCSP es saltada. Esta opción debería ser usada para " +"permitir la autenticación cuando el sistema no está en línea y el " +"contestador OCSP no puede ser alcanzado." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:498 msgid "ocsp_dgst" -msgstr "" +msgstr "ocsp_dgst" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:500 @@ -922,39 +920,41 @@ msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" +"Función resumen (picadillo) usada para crear la ID del certificado para la " +"petición OCSP. Los valores permitidos son:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:504 msgid "sha1" -msgstr "" +msgstr "sha1" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:505 msgid "sha256" -msgstr "" +msgstr "sha256" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:506 msgid "sha384" -msgstr "" +msgstr "sha384" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:507 msgid "sha512" -msgstr "" +msgstr "sha512" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 5" msgid "Default: sha256" -msgstr "Predeterminado: 5" +msgstr "Predeterminado: sha256" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 msgid "" "(NSS Version) This option is ignored, because NSS uses sha1 unconditionally." msgstr "" +"(Versión NSS) Esta opción es ignorada, porque NSS usa sha1 " +"incondicionalmente." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:518 @@ -1060,7 +1060,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:583 msgid "soft_crl" -msgstr "" +msgstr "soft_crl" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:588 @@ -1070,6 +1070,10 @@ msgid "" "allow authentication when the system is offline and the CRL cannot be " "renewed." msgstr "" +"(Versión OpenSSL) Si una Lista de Revocación de Certificado (CRL) expira " +"ignora las comprobaciones CRL para los certificados relacionados. Esta " +"opción debería ser usada para permitir la autenticación cuando el sistema " +"está fuera de linea y la CRL no puede ser renovada." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:468 @@ -1083,12 +1087,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "Esta página de manual fue generada para la versión NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "Esta página de manual fue generada para la versión OPENSSL." @@ -1201,8 +1205,8 @@ msgstr "" "casos donde los nombres de usuarios se deben compartir entre dominios." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "Por defecto: No definido" @@ -1298,7 +1302,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "Predeterminado: 60" @@ -1375,8 +1379,8 @@ msgstr "" "los servicios activados son socket o D-Bus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "Predeterminado: 300" @@ -1472,7 +1476,7 @@ msgstr "" "segundos. (0 deshabilita esta función)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "Predeterminado: 50" @@ -1493,7 +1497,7 @@ msgstr "" "entradas no existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "Predeterminado: 15" @@ -2102,7 +2106,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "Mostrar una advertencia N días antes que la contraseña caduque." @@ -2118,7 +2122,7 @@ msgstr "" "información desaparece, sssd no podrá mostrar un aviso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2137,7 +2141,7 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> para un dominio concreto." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "Predeterminado: 0" @@ -2214,8 +2218,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "Predeterminado: none" @@ -2294,8 +2298,8 @@ msgstr "" "de autenticación esta opción está deshabilitada por defecto." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Por defecto: False" @@ -2307,25 +2311,29 @@ msgstr "pam_cert_db_path (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" -"La ruta a la base de datos de certificado que contiene los módulos PKCS#11 " -"para acceder a la Smartcard." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "Predeterminado:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" -msgstr "/etc/pki/nssdb (versión NSS, ruta a la base de datos NSS)" +#: sssd.conf.5.xml:1454 +#, fuzzy +#| msgid "" +#| "The path to the certificate database which contain the PKCS#11 modules to " +#| "access the Smartcard." +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" +msgstr "" +"La ruta a la base de datos de certificado que contiene los módulos PKCS#11 " +"para acceder a la Smartcard." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" @@ -2334,22 +2342,22 @@ msgstr "" "certificados CA de confianza en formato PEM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "Cuantos segundos esperará pam_sss wait para que p11_child finalice." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "pam_app_services (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2358,12 +2366,12 @@ msgstr "" "tipo <quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "pam_p11_allowed_services (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." @@ -2372,7 +2380,7 @@ msgstr "" "permitidos usar Smartcards." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2382,7 +2390,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2402,65 +2410,65 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" "Predeterminado: el conjunto predeterminado de nombres de servicio PAM " "incluye:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "gnome-screensaver" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "p11_wait_for_card_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2471,12 +2479,12 @@ msgstr "" "inserte la Smartcard." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "p11_uri (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2494,17 +2502,20 @@ msgstr "" "específico." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 -#, no-wrap +#: sssd.conf.5.xml:1604 +#, fuzzy, no-wrap +#| msgid "" +#| "p11_uri = slot-description=My%20Smartcar%20Reader\n" +#| " " msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2514,7 +2525,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2526,13 +2537,69 @@ msgstr "" "favor la salida de depuración de p11_child. Como alternativa la utilidad " "GnuTLS 'p11tool' con e.g. '--list-all' mostrará PKCS#11 URIs también." +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: none" +msgid "Default: no_session" +msgstr "Predeterminado: none" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "SUDO opciones de configuración" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2550,12 +2617,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2564,12 +2631,12 @@ msgstr "" "entradas de sudoers dependientes del tiempo." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "sudo_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2585,22 +2652,22 @@ msgstr "" "comando." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "Opciones de configuración AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "Estas opciones pueden ser usadas para configurar el servicio autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2611,22 +2678,22 @@ msgstr "" "existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "Opciones de configuración SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "Estas opciones se pueden usar para configurar el servicio SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2635,12 +2702,12 @@ msgstr "" "known_host. " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2649,17 +2716,17 @@ msgstr "" "después de que se hayan pedido sus claves de host." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "Por defecto: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "ssh_use_certificate_keys (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2673,14 +2740,12 @@ msgstr "" "manvolnum> </citerefentry> for details." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 -#, fuzzy -#| msgid "ldap_user_certificate (string)" +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" -msgstr "ldap_user_certificate (cadena)" +msgstr "ssh_use_certificate_matching_rules (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2688,28 +2753,58 @@ msgid "" "comma separated list of mapping and matching rule names. All other rules " "will be ignored." msgstr "" +"Por defecto el contestador ssh usará todos los certificados disponibles que " +"coincidan con las reglas para filtrar los certificados de modo que las " +"claves ssh solo se derivarán a los que coincidan. Con esta opción las reglas " +"usadas pueden ser restringidas con una lista separada por comas de nombres " +"de reglas que coincidan y mapeen. Todas las demás reglas serán ignoradas." + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1811 +#, fuzzy +#| msgid "" +#| "If a non-existing rule name is given all rules will be ignored and all " +#| "available certificates will be used to derive ssh keys." msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" +"Si se da un nombre de regla que no existe todas las reglas serán ignoradas y " +"los certificados disponibles serán usados para derivar claves ssh." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1816 #, fuzzy -#| msgid "Default: not set (spaces will not be replaced)" -msgid "Default: not set, all found rules are used" -msgstr "Por defecto: no ajustado (los espacios no serán reemplazados)" +#| msgid "Default: not set, all found rules are used" +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" +msgstr "Predetermindo: no establecido, son usadas todas las reglas encontradas" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "ca_db (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -2718,13 +2813,18 @@ msgstr "" "para validar los certificados de usuario antes de derivar las claves " "públicas ssh de ellos." +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "/etc/pki/nssdb (versión NSS, ruta a la base de datos NSS)" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "Opciones de configuración del respondedor PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2742,7 +2842,7 @@ msgstr "" "se hacen algunas de las siguientes operaciones:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2758,7 +2858,7 @@ msgstr "" "predeterminado, pero se puede sustituir con el parámetro default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2767,17 +2867,17 @@ msgstr "" "a esos grupos." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "Estas opciones pueden ser usadas para configurar el respondedor PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2787,14 +2887,14 @@ msgstr "" "usuario que tiene el acceso permitido al respondedor PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Por defecto: 0 (sólo el usuario root tiene permitido el acceso al " "respondedor PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2807,12 +2907,12 @@ msgstr "" "lista de UIDs permitidas también." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -2822,12 +2922,12 @@ msgstr "" "usuario." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "Opciones de configuración de la grabación de sesión" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2843,32 +2943,32 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "Se pueden usar estas opciones para configurar la grabación de sesión." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "scope (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "\"none\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "NO se grabaron usuarios." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "\"some\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." @@ -2877,17 +2977,17 @@ msgstr "" "replaceable> y<replaceable>groups</replaceable> son grabados." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "\"all\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Se graban todos los usuarios." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -2896,17 +2996,17 @@ msgstr "" "grabación: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "Predeterminado: \"none\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "users (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2918,17 +3018,17 @@ msgstr "" "mayúsculas/minúsculas, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "Predeterminado: Vacío. No hay usuarios coincidentes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "groups (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2940,7 +3040,7 @@ msgstr "" "minúsculas, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2952,22 +3052,22 @@ msgstr "" "pertenece el usuario." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "Predeterminado: Vacío. No empareja grupos." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "SECCIONES DE DOMINIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "domain_type (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2980,7 +3080,7 @@ msgstr "" "disponibles para las interfaces y utilidades de sistema operativo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -2989,7 +3089,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3002,7 +3102,7 @@ msgstr "" "manvolnum> </citerefentry>) y el contestador PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -3011,7 +3111,7 @@ msgstr "" "<quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -3020,17 +3120,17 @@ msgstr "" "<quote>Dominios aplicación</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "Predeterminado: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -3039,7 +3139,7 @@ msgstr "" "está fuera de estos límites, ésta es ignorada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3052,7 +3152,7 @@ msgstr "" "reportados como en espera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -3061,17 +3161,17 @@ msgstr "" "devolviéndolas por nombre o ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "enumerar (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3084,22 +3184,22 @@ msgstr "" "Este parámetros puede tener uno de los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Usuarios y grupos son enumerados" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Sin enumeraciones para este dominio" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "Predeterminado: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." @@ -3108,7 +3208,7 @@ msgstr "" "entradas de usuario y grupo del servidor remoto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3132,7 +3232,7 @@ msgstr "" "guardián interno." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3142,7 +3242,7 @@ msgstr "" "completen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3156,7 +3256,7 @@ msgstr "" "específico id_provider en uso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -3165,32 +3265,32 @@ msgstr "" "especialmente en entornos grandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "Se enumerarán todos los dominios de confianza descubiertos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "No serán enumerados dominios de confianza descubiertos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3203,12 +3303,12 @@ msgstr "" "enumeración solo para estos dominios de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -3217,7 +3317,7 @@ msgstr "" "volver a consultar al backend" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3235,17 +3335,17 @@ msgstr "" "están en la caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "Predeterminado: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -3254,19 +3354,19 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "Por defecto: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -3275,12 +3375,12 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -3289,12 +3389,12 @@ msgstr "" "válidas antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -3303,12 +3403,32 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "entry_cache_user_timeout (entero)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider user entries valid before asking " +#| "the backend again" +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" +"Cuantos segundos debería nss_sss considerar las entradas de usuario válidas " +"antes de preguntar al punto final otra vez." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -3317,12 +3437,12 @@ msgstr "" "preguntar al backend otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -3331,12 +3451,12 @@ msgstr "" "automontaje válidos antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -3345,12 +3465,32 @@ msgstr "" "cuanto guardar en caché la clave de host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "entry_cache_user_timeout (entero)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider entries valid before asking the " +#| "backend again" +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" +"Cuántos segundos debe considerar nss_sss como válidas las entradas antes de " +"volver a consultar al backend" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -3360,55 +3500,72 @@ msgstr "" "expirados o a punto de hacerlo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " "user, typically ran at login) operation in the past, both the user entry " "and the group membership are updated." msgstr "" +"El refresco en segundo plano procesará usuarios, grupos y netgroups en el " +"cache. Para usuarios que han llevado a cabo el anteriormente initgroups " +"(obtener la membresía de grupo para el usuario, normalmente ejecutando " +"login), tanto la entrada usuario y la membresia de grupo son actualizados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" +"Esta opción se hereda automáticamente para todos los dominios de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "Usted puede considerar ajustar este valor a 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Predeterminado: 0 (deshabilitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si las credenciales del usuario están también escondidas en el " "cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Las credenciales de usuario son almacenadas en un hash SHA512, no en texto " "plano" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3420,7 +3577,7 @@ msgstr "" "SHA512 en el caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -3430,17 +3587,17 @@ msgstr "" "bruta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "Predeterminado: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3453,17 +3610,17 @@ msgstr "" "grande o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "Predeterminado: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3476,17 +3633,17 @@ msgstr "" "configurar un proveedor de autorización para el backend." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Por defecto: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3494,12 +3651,12 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "<quote>proxy</quote>: Soporta un proveedor NSS heredado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" @@ -3507,7 +3664,7 @@ msgstr "" "(OBSOLETO)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3519,7 +3676,7 @@ msgstr "" "grupos locales en SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3530,8 +3687,8 @@ msgstr "" "información sobre la configuración de LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3544,8 +3701,8 @@ msgstr "" "configuración de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3557,12 +3714,12 @@ msgstr "" "Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3572,7 +3729,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3586,7 +3743,7 @@ msgstr "" "command> lo haría." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3598,22 +3755,26 @@ msgstr "" "cualificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +#, fuzzy +#| msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "Predeterminado: FALSE (TRUE si se usa default_domain_suffix)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "No devuelve miembros de grupo para búsquedas de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3632,7 +3793,7 @@ msgstr "" "devolver el grupo pedido como si estuviera vacío." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3643,12 +3804,12 @@ msgstr "" "especialmente para grupos que contienen muchos miembros." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3657,7 +3818,7 @@ msgstr "" "autenticación soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3668,7 +3829,7 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3679,7 +3840,7 @@ msgstr "" "citerefentry> para más información sobre la configuración de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3687,17 +3848,17 @@ msgstr "" "objetivo PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: Proveedor interno SSSD para usuarios locales" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> deshabilita la autenticación explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3706,12 +3867,12 @@ msgstr "" "manejar las peticiones de autenticación." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3722,7 +3883,7 @@ msgstr "" "proveedores especiales internos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3731,12 +3892,12 @@ msgstr "" "sólo permitido para un dominio local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> siempre niega el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3749,7 +3910,7 @@ msgstr "" "configuración del módulo de acceso sencillo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3761,23 +3922,23 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> para transmitir control de acceso a otro módulo PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "Predeterminado: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3786,7 +3947,7 @@ msgstr "" "el dominio. Los proveedores de cambio de passweord soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3798,7 +3959,7 @@ msgstr "" "configuración de LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3809,7 +3970,7 @@ msgstr "" "citerefentry> para más información sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3817,13 +3978,13 @@ msgstr "" "otros objetivos PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> deniega explícitamente los cambios en la contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3832,18 +3993,18 @@ msgstr "" "puede manejar las peticiones de cambio de password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "El proveedor SUDO usado por el dominio. Los proveedores SUDO soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3854,7 +4015,7 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3863,7 +4024,7 @@ msgstr "" "predeterminados IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3872,19 +4033,19 @@ msgstr "" "predeterminados AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote>deshabilita SUDO explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Por defecto: el valor de <quote>id_provider</quote> se usa si está fijado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3901,7 +4062,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3915,12 +4076,12 @@ msgstr "" "desea usar sudo cn SSSD mas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3931,7 +4092,7 @@ msgstr "" "finalice. Los proveedores selinux soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3943,14 +4104,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> deshabilita ir a buscar los ajustes selinux " "explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3959,12 +4120,12 @@ msgstr "" "manejar las peticiones de carga selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3974,7 +4135,7 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3986,7 +4147,7 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3999,18 +4160,18 @@ msgstr "" "configuración del proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> deshabilita el buscador de subdominios explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "session_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4022,14 +4183,14 @@ msgstr "" "de sesiones soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" "<quote>ipa</quote> para permitir llevar a cabo tareas relacionadas con la " "sesión de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" @@ -4037,7 +4198,7 @@ msgstr "" "de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." @@ -4046,7 +4207,7 @@ msgstr "" "llevar a cabo tareas relacionadas con la sesión de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." @@ -4056,12 +4217,12 @@ msgstr "" "sin privilegios." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -4069,7 +4230,7 @@ msgstr "" "son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4081,7 +4242,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4093,7 +4254,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4105,17 +4266,17 @@ msgstr "" "proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> deshabilita autofs explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -4124,7 +4285,7 @@ msgstr "" "proveedores de hostid soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4136,12 +4297,82 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> deshabilita hostid explícitamente." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "sudo_provider (string)" +msgid "resolver_provider (string)" +msgstr "sudo_provider (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +#, fuzzy +#| msgid "" +#| "The provider which should handle change password operations for the " +#| "domain. Supported change password providers are:" +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" +"El proveedor que debería manejar las operaciones de cambio de password para " +"el dominio. Los proveedores de cambio de passweord soportados son:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" +"<quote>ldap</quote> para cargar mapas almacenados en LDAP. Vea " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> para más información sobre la configuración de " +"LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +#, fuzzy +#| msgid "" +#| "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " +#| "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring the AD provider." +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" +"<quote>ad</quote> para cargar mapas almacenados en un servidor AD. Vea " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> para más información sobre como configurar un " +"proveedor AD." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +#, fuzzy +#| msgid "<quote>none</quote> disallows fetching subdomains explicitly." +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" +"<quote>none</quote> deshabilita el buscador de subdominios explícitamente." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4156,7 +4387,7 @@ msgstr "" "dominios Active Directory, el nombre plano (NetBIOS) del dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -4169,22 +4400,22 @@ msgstr "" "nombres de usuario:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "nombre de usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "dominio/nombre_de_usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -4194,7 +4425,7 @@ msgstr "" "dominios Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -4205,7 +4436,7 @@ msgstr "" "el nombre, el dominio es el resto detrás de este signo\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -4220,17 +4451,17 @@ msgstr "" "<quote>((?P<name>.+)@(?P<domain>[^@]+$))</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Predeterminado: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -4239,42 +4470,42 @@ msgstr "" "a usar cuando se lleven a cabo búsquedas DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "Valores soportados:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "Predeterminado: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4287,7 +4518,7 @@ msgstr "" "trabajando en modo offline." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." @@ -4296,18 +4527,18 @@ msgstr "" "información sobre la resolución del servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Predeterminado: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -4316,55 +4547,55 @@ msgstr "" "de dominio de la pregunta al descubridor de servicio DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Predeterminado: Utilizar la parte del dominio del nombre de host del equipo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "override_gid (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "Anula el valor primario GID con el especificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "case_sensitive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" "Distingue mayúsculas y minúsculas. Este valor es invalido para el proveedor " "AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "No sensible a mayúsculas minúsculas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4376,7 +4607,7 @@ msgstr "" "protocolo) están en minúsculas en la salida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -4389,17 +4620,17 @@ msgstr "" "posibles son: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "Predeterminado: True (False para proveedor AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4411,27 +4642,27 @@ msgstr "" "siguientes opciones:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -4440,7 +4671,7 @@ msgstr "" "explícitamente ldap_krb5_keytab)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4450,32 +4681,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "Aviso: Esta opción solo trabaja con el proveedor IPA y AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "flat (NetBIOS) nombre de un subdominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4491,7 +4722,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -4499,17 +4730,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Por defecto: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "realmd_tags (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -4517,12 +4748,12 @@ msgstr "" "este dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4535,7 +4766,7 @@ msgstr "" "incorrectas, SSSD cae de nuevo a la autenticación en linea." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." @@ -4545,12 +4776,12 @@ msgstr "" "confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "El valor especial 0 implica que esta función está deshabilitada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4561,17 +4792,17 @@ msgstr "" "gestionar <quote>initgroups.</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "auto_private_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "true" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." @@ -4580,7 +4811,7 @@ msgstr "" "usuario. El número GID se ignora en este caso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4593,12 +4824,12 @@ msgstr "" "unicidad den el espacio de ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "false" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." @@ -4607,19 +4838,12 @@ msgstr "" "a un objeto grupo en las base de datos LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "hybrid" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 -#, fuzzy -#| msgid "" -#| "A primary group is autogenerated for user entries whose UID and GID " -#| "numbers have the same value and at the same time the GID number does not " -#| "correspond to a real group object in LDAP If the values are the same, but " -#| "the primary GID in the user entry is also used by a group object, the " -#| "primary GID of the user resolves to that group object." +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4627,14 +4851,14 @@ msgid "" "GID in the user entry is also used by a group object, the primary GID of the " "user resolves to that group object." msgstr "" -"Un grupo primario se autogenera para las entradas de usuario cuyos números " -"UID y GID tienen los mismos valores y al mismo tiempo el número GID no " -"coresponde a un objeto grupo real en LDAP si los valores son los mismos, " -"pero el GID primario en la entrada de usuario se usa también por un objeto " -"grupo, el GID primario del usaurio resuelve a este objeto grupo." +"Se autogenera un grupo primario para las entradas de usuario cuyos números " +"UID y GID tienen el mismo valor y al mismo tiempo el número GID no " +"corresponde un objeto grupo real en LDAP. Si los valores son los mismos " +"pero el GID primario en la entrada de usuario es también usado por un objeto " +"grupo, el GID primario del usuario se resuelve al de ese objeto grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." @@ -4643,7 +4867,7 @@ msgstr "" "una entrada de grupo, de otro modo el GID simplemente no se puede resolver." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4654,7 +4878,7 @@ msgstr "" "también desea retener los grupos privados existentes del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" @@ -4663,7 +4887,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." @@ -4672,7 +4896,7 @@ msgstr "" "POSIX IDs asignados y True para subdominios que usan mapeo de ID automático." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4682,7 +4906,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4694,7 +4918,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4708,7 +4932,7 @@ msgstr "" "\"programlisting\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4720,17 +4944,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "El proxy de destino PAM próximo a." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4739,12 +4963,12 @@ msgstr "" "pam existente o crear una nueva y añadir el nombre de servicio aquí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4755,12 +4979,35 @@ msgstr "" "$(function), por ejemplo _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +#, fuzzy +#| msgid "proxy_lib_name (string)" +msgid "proxy_resolver_lib_name (string)" +msgstr "proxy_lib_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +#, fuzzy +#| msgid "" +#| "The name of the NSS library to use in proxy domains. The NSS functions " +#| "searched for in the library are in the form of _nss_$(libName)_" +#| "$(function), for example _nss_files_getpwent." +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" +"El nombre de la librería NSS para usar en los dominios proxy. Las funciones " +"NSS buscadas dentro de la librería están el formato de _nss_$(libName)_" +"$(function), por ejemplo _nss_files_getpwent." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4774,12 +5021,12 @@ msgstr "" "razones de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4791,7 +5038,7 @@ msgstr "" "son encoladas." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4800,12 +5047,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "Dominios de aplicaciones" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4834,7 +5081,7 @@ msgstr "" "que opcionalmente herede ajustes de un dominio SSSD tradicional." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4846,17 +5093,17 @@ msgstr "" "establecido correctamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "Parámetros de dominio de aplicación" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "inherit_from (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4869,7 +5116,7 @@ msgstr "" "<quote>hermano</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4884,7 +5131,7 @@ msgstr "" "cache y hace al atributo phone alcanzable a través del interfaz D-Bus." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -4918,12 +5165,12 @@ msgstr "" "ldap_user_extra_attrs = phone:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "La sección de dominio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4934,29 +5181,29 @@ msgstr "" "utiliza <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "El shell predeterminado para los usuarios creados con herramientas de " "espacio de usuario SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "Predeterminado: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4966,17 +5213,17 @@ msgstr "" "de inicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "Predeterminado: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4985,17 +5232,17 @@ msgstr "" "Puede ser anulado desde la línea de comando." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "Predeterminado: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -5004,12 +5251,12 @@ msgstr "" "borrados. Puede ser anulado desde la línea de comando." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "homedir_umask (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -5020,17 +5267,17 @@ msgstr "" "predeterminados en un directorio de inicio recién creado." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "Predeterminado: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -5043,17 +5290,17 @@ msgstr "" "<manvolnum>8</manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "Predeterminado: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -5064,17 +5311,17 @@ msgstr "" "Si no se especifica, se utiliza un valor por defecto." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "Predeterminado: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -5085,17 +5332,17 @@ msgstr "" "único parámetro. El código de retorno del comando no es tenido en cuenta." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "Predeterminado: None, no se ejecuta comando" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "SECCIÓN DE DOMINIO DE CONFIANZA" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5112,57 +5359,57 @@ msgstr "" "soportadas en la sección de dominio de confianza son:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "ldap_sasl_mech," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -5171,12 +5418,12 @@ msgstr "" "página de manual." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "SECCIÓN DE MAPEO DEL CERTIFICADO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5198,7 +5445,7 @@ msgstr "" "usan autenticación PAM." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5210,7 +5457,7 @@ msgstr "" "citerefentry>)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5224,12 +5471,12 @@ msgstr "" "opciones:" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "matchrule (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." @@ -5238,7 +5485,7 @@ msgstr "" "procesados, los demás son ignorados." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" @@ -5247,17 +5494,17 @@ msgstr "" "tengan Extended Key Usage <quote>clientAuth</quote>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "maprule (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "Define como se encuentra un usuario desde un certificado dado." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." @@ -5266,7 +5513,7 @@ msgstr "" "como <quote>ldap</quote>, <quote>AD</quote> o <quote>ipa</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." @@ -5275,12 +5522,12 @@ msgstr "" "encontrar un usuario con el mismo nombre." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "domains (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5293,17 +5540,17 @@ msgstr "" "usada para añadir la regla a los subdominios también." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "Predetermiado: el dominio configurado en sssd.conf" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "priority (entero)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5314,12 +5561,12 @@ msgstr "" "más alte mientras que <quote>4294967295</quote> es la más baja." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "Predeterminado: la prioridad más baja" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" @@ -5329,7 +5576,7 @@ msgstr "" "propiedades especiales:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" @@ -5338,7 +5585,7 @@ msgstr "" "usuario coincidente" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5351,17 +5598,17 @@ msgstr "" "short_name})</quote>" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "la opción <quote>domains</quote> es ignorada" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "SECCIÓN DE CONFIGURACIÓN INICIAL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5376,41 +5623,35 @@ msgstr "" "al usuario las credenciales apropiadas." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 -#, fuzzy -#| msgid "" -#| "With the growing number of authentication methods and the possibility " -#| "that there are multiple ones for a single user the heuristic used by " -#| "pam_sss to select the prompting might not be suitable for all use cases. " -#| "To following options should provide a better flexibility here." +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " "select the prompting might not be suitable for all use cases. The following " "options should provide a better flexibility here." msgstr "" -"Con el creciente número de métodos de autenticación kyh la posibilidad de " -"que haya múltiples para un solo usuario la heurística usada por pam_sss " -"podría no ser adecuada para todos los casos de uso. Las siguientes opciones " -"suministrarían una mejor flexibilidad aquí." +"Con el creciente número de métodos de autenticación y la la posibilidad de " +"que haya múltiples para un único usuario la heurística usada por pam_sss " +"para seleccionar la solicitud podría no ser adecuada para todos los casos. " +"Las siguientes opciones deberían suministrar una mejor flexibilidad aquí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "[prompting/password]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "password_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "cambiar la cadena de solicitud de contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" @@ -5419,53 +5660,48 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "[prompting/2fa]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "first_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "para cambiar la cadena de la solicitud del primer factor" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "second_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "para cambiar la cadena de la solicitud para el segundo factor" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "single_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 -#, fuzzy -#| msgid "" -#| "boolean value, if True there will be only a single prompt using the value " -#| "of first_prompt where it is expected that both factor are entered as a " -#| "single string" +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " "string" msgstr "" -"valor booleano, si True habrá solo una única consulta usando el valor de " -"first_prompt donde se espera que el factor sea introducido como una única " -"cadena" +"valor booleano, si True habrá una única pregunta usando el valor de " +"first_prompt donde se espera que ambos factores se introduzcan como una " +"única cadena" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -5474,13 +5710,7 @@ msgstr "" "permitidas son: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 -#, fuzzy -#| msgid "" -#| "Each supported authentication method has it's own configuration sub-" -#| "section under <quote>[prompting/...]</quote>. Currently there are: " -#| "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#| "\"variablelist\" id=\"1\"/>" +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -5492,28 +5722,23 @@ msgstr "" "\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 -#, fuzzy -#| msgid "" -#| "It is possible to add a sub-section for specific PAM services like e.g. " -#| "<quote>[prompting/password/sshd]</quote> to individual change the " -#| "prompting for this service." +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " "for this service." msgstr "" -"Es posible añadir una subsección para srvicios PAM especificos como e.g. " -"<quote>[prompting/password/sshd]</quote> para cambio individual de la " -"consulta para este servicio." +"Es posible añadir una subsección para servicios PAM específicos, e.g. " +"<quote>[prompting/password/sshd]</quote> para el cambio individual de la " +"pregunta para este servicio." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "EJEMPLOS" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -5567,7 +5792,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5580,7 +5805,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5590,7 +5815,7 @@ msgstr "" "use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5607,7 +5832,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5629,7 +5854,7 @@ msgstr "" "matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$<SUBJECT>^CN=User.Name,DC=MY,DC=DOMAIN$\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -5819,7 +6044,7 @@ msgstr "" "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "Ejemplos:" @@ -6022,27 +6247,41 @@ msgstr "obfuscated_password" msgid "Default: password" msgstr "Por defecto: contraseña" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" +"Vea la página de manual <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> para más información sobre el complemento " +"localizador." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" -"La ficha de autenticación del enlazador DN por defecto. Sólo se soportan " -"actualmente password de texto claro." +#: sssd-ldap.5.xml:296 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The authentication token of the default bind DN." +msgstr "El tipo de ficha de autenticación del enlazador DN por defecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -6055,12 +6294,12 @@ msgstr "" "usar mayúsculas reales." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -6069,12 +6308,12 @@ msgstr "" "escondrijo de los registros enumerados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -6085,7 +6324,7 @@ msgstr "" "para guardar espacio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -6099,12 +6338,12 @@ msgstr "" "correrá cada tres horas con la enumeración habilitada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6116,7 +6355,7 @@ msgstr "" "esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6132,7 +6371,7 @@ msgstr "" "conjunto de resultados de la búsqueda origina si se requiere." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6148,12 +6387,12 @@ msgstr "" "grupos." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "Predeterminado: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -6163,22 +6402,22 @@ msgstr "" "posteriores." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "Predeterminado: True para AD e IPA en otro caso False." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "ldap_host_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "Opcional. Usa la cadena dada como base de búsqueda para objetos host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -6188,22 +6427,36 @@ msgstr "" "de múltiples bases de búsqueda." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +#, fuzzy +#| msgid "ldap_host_search_base (string)" +msgid "ldap_iphost_search_base (string)" +msgstr "ldap_host_search_base (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +#, fuzzy +#| msgid "ldap_netgroup_search_base (string)" +msgid "ldap_ipnetwork_search_base (string)" +msgstr "ldap_netgroup_search_base (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6214,7 +6467,7 @@ msgstr "" "escondidos devueltos (y se entra en modo fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6225,12 +6478,12 @@ msgstr "" "espera para tipos específicos de búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6242,12 +6495,12 @@ msgstr "" "fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6264,12 +6517,12 @@ msgstr "" "citerefentry> vuelve en caso de no actividad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6283,12 +6536,12 @@ msgstr "" "cambio extendido de contraseña y las operación StartTLS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6301,17 +6554,38 @@ msgstr "" "temprano (este valor contra el tiempo de vida TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "Predeterminado: 900 (15 minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "ldap_connection_expire_timeout (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "ldap_connection_expire_timeout (entero)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6320,17 +6594,17 @@ msgstr "" "Algunos servidores LDAP hacen cumplir un límite máximo por petición." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "Predeterminado: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6341,7 +6615,7 @@ msgstr "" "RootDSE pero no está habilitado o no se comporta apropiadamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6351,7 +6625,7 @@ msgstr "" "pero es incapaz de usarlo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6362,17 +6636,17 @@ msgstr "" "puede ocasionar que algunas peticiones sean denegadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "Deshabilitar la recuperación del rango de Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6388,12 +6662,12 @@ msgstr "" "miembros." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6404,19 +6678,42 @@ msgstr "" "de esta opción son definidos por OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Por defecto: Usa el sistema por defecto (normalmente especificado por ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +#, fuzzy +#| msgid "ldap_sasl_minssf (integer)" +msgid "ldap_sasl_maxssf (integer)" +msgstr "ldap_sasl_minssf (entero)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +#, fuzzy +#| msgid "" +#| "When communicating with an LDAP server using SASL, specify the minimum " +#| "security level necessary to establish the connection. The values of this " +#| "option are defined by OpenLDAP." +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" +"Cuando se está comunicando con un servidor LDAP usando SASL, especifica el " +"nivel de seguridad mínimo necesario para establecer la conexión. Los valores " +"de esta opción son definidos por OpenLDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6427,7 +6724,7 @@ msgstr "" "deference. Si hay menos miembros desaparecidos, se buscarán individualmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6444,7 +6741,7 @@ msgstr "" "lo soporta y auncia el control de la desreferencia en el objeto rootDSE." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6457,7 +6754,7 @@ msgstr "" "soportados son 389/RHDS, OpenLDAP y Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6468,12 +6765,12 @@ msgstr "" "será deshabilitado sin tener en cuenta este ajuste." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6483,7 +6780,7 @@ msgstr "" "los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6492,7 +6789,7 @@ msgstr "" "certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6503,7 +6800,7 @@ msgstr "" "certificado malo, será ignorado y la sesión continua normalmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6514,7 +6811,7 @@ msgstr "" "certificado malo, la sesión se termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6525,22 +6822,22 @@ msgstr "" "termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "Predeterminado: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6549,7 +6846,7 @@ msgstr "" "de Certificación que <command>sssd</command> reconocerá." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6558,12 +6855,12 @@ msgstr "" "etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6577,33 +6874,33 @@ msgstr "" "para crear los nombres correctos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "Especifica el fichero que contiene el certificado para la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "Especifica el archivo que contiene la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6614,12 +6911,12 @@ msgstr "" "conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6628,12 +6925,12 @@ msgstr "" "<systemitem class=\"protocol\">tls</systemitem> para proteger el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6644,18 +6941,18 @@ msgstr "" "ldap_user_uid_number y ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Actualmente está función soporta sólo mapeos de objectSID de ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "ldap_min_id, ldap_max_id (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6673,17 +6970,17 @@ msgstr "" "el servidor. Los subdominios pueden elegir otros rangos para asignar IDs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "Predeterminado: no establecido (ambas opciones se establecen a 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." @@ -6692,7 +6989,7 @@ msgstr "" "soportados GSSAPI y GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6709,12 +7006,12 @@ msgstr "" "manvolnum></citerefentry> para más detalles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -6734,7 +7031,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6754,17 +7051,17 @@ msgstr "" "en la pestaña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "Por defecto: host/nombre_de_host@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6775,17 +7072,17 @@ msgstr "" "reino también, esta opción se ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "Por defecto: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6794,34 +7091,34 @@ msgstr "" "para para canocalizar el nombre de host durante una unión SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "Predeterminado: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "Especifica la pestaña a usar cuando se utiliza SASL/GSSAPI/GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Por defecto: Keytab del sistema, normalmente <filename>/etc/krb5.keytab</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6832,12 +7129,12 @@ msgstr "" "es GSSAPI o GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" @@ -6845,17 +7142,17 @@ msgstr "" "SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "Predeterminado: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6874,7 +7171,7 @@ msgstr "" "información, vea la sección <quote>SERVICE DISCOVERY</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6885,7 +7182,7 @@ msgstr "" "regresa a _tcp si no se encuentra nada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6897,30 +7194,30 @@ msgstr "" "configuración para usar <quote>krb5_server</quote> en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" "Especifica el REALM Kerberos (para autorización SASL/GSSAPI/GSS-SPNEGO)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6929,12 +7226,12 @@ msgstr "" "servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6949,7 +7246,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6961,12 +7258,12 @@ msgstr "" "localizador." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6975,7 +7272,7 @@ msgstr "" "del cliente. Los siguientes valores son permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6984,7 +7281,7 @@ msgstr "" "no puede deshabilitar las políticas de password en el lado servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6995,7 +7292,7 @@ msgstr "" "manvolnum></citerefentry> para evaluar si la contraseña ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7007,7 +7304,7 @@ msgstr "" "password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -7017,19 +7314,19 @@ msgstr "" "establecida por esta opción." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguimiento de referencias automático debería ser " "habilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7038,7 +7335,7 @@ msgstr "" "está compilado con OpenLDAP versión 2.4.13 o más alta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7051,29 +7348,29 @@ msgstr "" "esta opción a false le llevará a una notable mejora de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nombre del servicio para utilizar cuando está habilitado el " "servicio de descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "Predeterminado: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7083,17 +7380,17 @@ msgstr "" "descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Por defecto: no fijado, esto es servicio descubridor deshabilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -7102,12 +7399,12 @@ msgstr "" "desde el Epoch después de una operación de cambio de contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7135,12 +7432,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "Ejemplo:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7152,7 +7449,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7161,7 +7458,7 @@ msgstr "" "usuarios cuyo atributo employeeType esté establecido a \"admin\"." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7174,17 +7471,17 @@ msgstr "" "se les seguirán otorgando acceso sin conexión y viceversa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "Predeterminado: vacío" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7193,7 +7490,7 @@ msgstr "" "control de acceso del lado cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7204,12 +7501,12 @@ msgstr "" "una código de error definible aunque el password sea correcto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "Los siguientes valores están permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7218,7 +7515,7 @@ msgstr "" "determinar si la cuenta ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7231,7 +7528,7 @@ msgstr "" "se comprueba el tiempo de expiración de la cuenta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7242,7 +7539,7 @@ msgstr "" "el acceso o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7255,7 +7552,7 @@ msgstr "" "permitido. Si ambos atributos están desaparecidos se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7266,24 +7563,24 @@ msgstr "" "la opción ldap_account_expire_policy funcione." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Lista separada por coma de opciones de control de acceso. Los valores " "permitidos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7299,7 +7596,7 @@ msgstr "" "funciones." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" @@ -7309,7 +7606,7 @@ msgstr "" "</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7331,12 +7628,12 @@ msgstr "" "estar establecido para que esta característica funcione." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7351,7 +7648,7 @@ msgstr "" "método distinto a las contraseñas - por ejemplo claves SSH." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7366,7 +7663,7 @@ msgstr "" "inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" @@ -7374,7 +7671,7 @@ msgstr "" "explícito." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." @@ -7384,7 +7681,7 @@ msgstr "" "para una política de contraseña apropiada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7393,13 +7690,13 @@ msgstr "" "autorizedService para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: usa el atributo host para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" @@ -7408,7 +7705,7 @@ msgstr "" "host remoto puede acceder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" @@ -7418,12 +7715,12 @@ msgstr "" "opción de control de acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "Predeterminado: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7432,12 +7729,12 @@ msgstr "" "una vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7451,22 +7748,22 @@ msgstr "" "LDAP no pueden verificarse correctamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Ejemplo: cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Predeterminado: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7475,13 +7772,13 @@ msgstr "" "lleva a cabo una búsqueda. Están permitidas las siguientes opciones:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7491,7 +7788,7 @@ msgstr "" "búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7500,7 +7797,7 @@ msgstr "" "cuando se localice el objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7509,7 +7806,7 @@ msgstr "" "para la búsqueda como en la localización del objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7518,12 +7815,12 @@ msgstr "" "librerías cliente LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7532,7 +7829,7 @@ msgstr "" "servidores que usan el esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7550,7 +7847,7 @@ msgstr "" "llamadas getpw*() o initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7561,12 +7858,12 @@ msgstr "" "initgroups() aumentará los usuarios locales con los grupos LDAP adicionales." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "wildcard_limit (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." @@ -7575,25 +7872,18 @@ msgstr "" "descargadas durante una búsqueda de comodín." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" "En este momento solo el respondedor InfoPipe soporta búsqueda de comodín" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "Predeterminado: 1000 (frecuentemente el tamaño de una página)" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 -#, fuzzy -#| msgid "" -#| "All of the common configuration options that apply to SSSD domains also " -#| "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " -#| "<placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "All of the common configuration options that apply to SSSD domains also " "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " @@ -7603,19 +7893,22 @@ msgid "" "<refentrytitle>sssd-ldap-attributes</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> manual page. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Todas las opciones de configuración comunes que se aplican a los dominios " -"SSSD también se aplican a los dominios LDAP. Vea la sección <quote>DOMAIN " +"Todas las opciones comunes de configuración que se aplican a los dominios " +"SSSD tambien se aplican a los dominios LDAP. Vea la sección <quote>DOMAIN " "SECTIONS</quote> de la página de manual <citerefentry> <refentrytitle>sssd." -"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> para detalles " -"completos. <placeholder type=\"variablelist\" id=\"0\"/>" +"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> para todos los " +"detalles. Advierta que los atributos de mapeo SSSD LDAP están descritos en " +"la página de manual <citerefentry> <refentrytitle>sssd-ldap-attributes</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>. <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "OPCIONES SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7626,12 +7919,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7641,7 +7934,7 @@ msgstr "" "servidor)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7650,17 +7943,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "Por defecto: 21600 (6 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7672,7 +7965,7 @@ msgstr "" "actualmente SSSD)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7681,7 +7974,7 @@ msgstr "" "atributo modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7697,12 +7990,12 @@ msgstr "" "<emphasis>ldap_connection_expire_timeout</emphasis>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7711,12 +8004,12 @@ msgstr "" "máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7725,7 +8018,7 @@ msgstr "" "totalmente cualificados que sería usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7734,8 +8027,8 @@ msgstr "" "nombre de dominio totalmente cualificado automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7744,17 +8037,17 @@ msgstr "" "emphasis> esta opción no tiene efecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "Por defecto: no especificado" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7763,7 +8056,7 @@ msgstr "" "usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7772,12 +8065,12 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "sudo_include_netgroups (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7786,12 +8079,12 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7800,7 +8093,7 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" @@ -7809,7 +8102,7 @@ msgstr "" "del servidor LDAP!" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7822,12 +8115,12 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "OPCIONES AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." @@ -7836,47 +8129,47 @@ msgstr "" "esquema LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "El nombre del mapa maestro de montaje automático en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "Pfredeterminado: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "OPCIONES AVANZADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7889,22 +8182,22 @@ msgstr "" "función, si los nombres de grupo no están siendo visualizados correctamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7917,14 +8210,14 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EJEMPLO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7935,7 +8228,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7955,20 +8248,20 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "EJEMPLO DE FILTRO DE ACCESO LDAP" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." @@ -7977,7 +8270,7 @@ msgstr "" "ldap_access_order=lockout." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8003,13 +8296,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8362,11 +8655,265 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The user's authentication token has expired." +msgstr "El tipo de ficha de autenticación del enlazador DN por defecto." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +#, fuzzy +#| msgid "Unlock the user account." +msgid "The user account has expired." +msgstr "Desbloquea la cuenta de usuario." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:414 +msgid "" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:464 msgid "FILES" msgstr "ARCHIVOS" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -8378,7 +8925,7 @@ msgstr "" "sobre como resetear un password." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -8398,7 +8945,7 @@ msgstr "" "lectura." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -8935,13 +9482,28 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "Ejemplo: <SUBJECT>.*,DC=MY,DC=DOMAIN" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +#, fuzzy +#| msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "Ejemplo: <SUBJECT>.*,DC=MY,DC=DOMAIN" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "<ISSUER>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." @@ -8951,17 +9513,17 @@ msgstr "" "también." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "Ejemplo: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "<KU>key-usage" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" @@ -8971,52 +9533,52 @@ msgstr "" "separados por comas:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "digitalSignature" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "nonRepudiation" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "keyEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "dataEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "keyAgreement" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "keyCertSign" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "cRLSign" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "encipherOnly" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "decipherOnly" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." @@ -9025,17 +9587,17 @@ msgstr "" "también para cubrir casos de uso especiales." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "Ejemplo: <KU>digitalSignature,keyEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "<EKU>extended-key-usage" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" @@ -9045,52 +9607,52 @@ msgstr "" "por comas:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "serverAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "clientAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "codeSigning" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "emailProtection" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "timeStamping" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "OCSPSigning" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "KPClientAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "pkinit" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "msScLogin" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." @@ -9099,17 +9661,17 @@ msgstr "" "especificadas con sus OID en anotación decimal con puntos." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "Ejemplo: <EKU>clientAuth,1.3.6.1.5.2.3.4" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "<SAN>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -9120,65 +9682,65 @@ msgstr "" "como hace <SAN:Principal>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "Ejemplo: <SAN>.*@MY\\.REALM" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "<SAN:Principal>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" "Haga coincidir los principios principales de Kerberos en la SAN principal de " "PKINIT o AD NT." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "Example: <SAN:Principal>.*@MY\\.REALM" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "<SAN:ntPrincipalName>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" "Haga coincidir los principales de Kerberos de la SAN principal de AD NT." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "<SAN:pkinit>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "Haga coincidir los principales de Kerberos con los PKINIT SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "<SAN:dotted-decimal-oid>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -9189,17 +9751,17 @@ msgstr "" "coincidir con la expresión regular." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "Example: <SAN:1.2.3.4>test" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "<SAN:otherName>base64-string" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -9212,62 +9774,62 @@ msgstr "" "podrían no ser tratados como cadenas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "Example: <SAN:otherName>MTIz" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "<SAN:rfc822Name>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "Haga coincidir el valor del rfc822Name SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "Example: <SAN:rfc822Name>.*@email\\.domain" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "<SAN:dNSName>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "Haga coincidir el valor del dNSName SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "<SAN:x400Address>base64-string" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "Binario coincide con el valor del x400Address SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "Example: <SAN:x400Address>MTIz" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "<SAN:directoryName>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." @@ -9276,68 +9838,68 @@ msgstr "" "para <ISSUER> and <SUBJECT> se aplican aquí también." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "Example: <SAN:directoryName>.*,DC=com" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "<SAN:ediPartyName>base64-string" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "Hacer coincidir binario el valor del ediPartyName SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "Ejemplo: <SAN:ediPartyName>MTIz" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "<SAN:uniformResourceIdentifier>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "Hacer coincidir el valor del uniformResourceIdentifier SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "Ejemplo: <SAN:uniformResourceIdentifier>URN:.*" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "<SAN:iPAddress>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "Haga coincidir el valor del iPAddress SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "Ejemplo: <SAN:iPAddress>192\\.168\\..*" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "<SAN:registeredID>regular-expression" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" "Haga coincidir el valor de registeredID SAN como cadena decimal con puntos." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "Ejemplo: <SAN:registeredID>1\\.2\\.3\\..*" @@ -9349,12 +9911,12 @@ msgstr "" "Las opciones disponibles son: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "REGLA DE MAPEO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -9365,7 +9927,7 @@ msgstr "" "ser usada entonces para autenticar una de estas cuentas." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -9385,7 +9947,7 @@ msgstr "" "respectivamente. " #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -9398,7 +9960,7 @@ msgstr "" "pueden usar." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -9413,12 +9975,12 @@ msgstr "" "mapeo a propósito para un usuario específico." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -9429,7 +9991,7 @@ msgstr "" "viene el último) se debería usar un opción con el prefijo '_x500'." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." @@ -9438,7 +10000,7 @@ msgstr "" "atributos como los usados por AD, p. ej. 'S' en lugar de 'ST'." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." @@ -9447,7 +10009,7 @@ msgstr "" "atributos como los usados por NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." @@ -9456,7 +10018,7 @@ msgstr "" "atributo de acuerdo con la ordenación NSS y LDAP/RFC 4514." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" @@ -9465,12 +10027,12 @@ msgstr "" "ad})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -9481,7 +10043,7 @@ msgstr "" "último) se usaría una opción con el prefijo '_x500'." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" @@ -9490,12 +10052,12 @@ msgstr "" "{subject_dn!nss_x500})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "{cert[!(bin|base64)]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -9510,17 +10072,17 @@ msgstr "" "puede, por ejemplo, ser usada con el atributo LDAP 'userCertificate;binary'." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "Ejemplo: (userCertificate;binary={cert!bin})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "{subject_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -9531,7 +10093,7 @@ msgstr "" "parte del principal antes del signo '@'." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" @@ -9540,12 +10102,12 @@ msgstr "" "(samAccountName={subject_principal.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "{subject_pkinit_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -9556,7 +10118,7 @@ msgstr "" "principal antes del signo '@'." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" @@ -9565,12 +10127,12 @@ msgstr "" "(uid={subject_pkinit_principal.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "{subject_nt_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -9581,12 +10143,12 @@ msgstr "" "antes del signo '@'." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "{subject_rfc822_name[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -9598,7 +10160,7 @@ msgstr "" "del signo '@'." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" @@ -9607,12 +10169,12 @@ msgstr "" "short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "{subject_dns_name[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -9624,19 +10186,19 @@ msgstr "" "primer signo '.'." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" "Ejemplo: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "{subject_uri}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." @@ -9645,17 +10207,17 @@ msgstr "" "uniformResourceIdentifier del SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "Ejemplo: (uri={subject_uri})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "{subject_ip_address}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." @@ -9664,17 +10226,17 @@ msgstr "" "iPAddress del SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "Ejemplo: (ip={subject_ip_address})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "{subject_x400_address}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." @@ -9683,19 +10245,19 @@ msgstr "" "x400Address del SAN como secuencia hexadecimal escapada." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "Ejemplo: (attr:binary={subject_x400_address})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." @@ -9704,17 +10266,17 @@ msgstr "" "componente directoryName del SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "Ejemplo: (orig_dn={subject_directory_name})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "{subject_ediparty_name}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." @@ -9723,17 +10285,17 @@ msgstr "" "ediPartyName del SAN como secuencia hexadecimal escapada." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "Ejemplo: (attr:binary={subject_ediparty_name})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "{subject_registered_id}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." @@ -9742,12 +10304,12 @@ msgstr "" "registeredID del SAN como una cadena decimal con puntos.." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "Ejemplo: (oid={subject_registered_id})" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -9762,12 +10324,12 @@ msgstr "" "valores permitidos son: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "LISTA DE DOMINIO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -9937,7 +10499,7 @@ msgstr "" "este host. El nombre de host debe ser totalmente cualificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booleano)" @@ -9957,7 +10519,7 @@ msgstr "" "otra manera utilizando la opción <quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9978,12 +10540,12 @@ msgstr "" "usar <emphasis>dyndns_update</emphasis> en su fichero de configuración." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -10010,12 +10572,12 @@ msgid "Default: 1200 (seconds)" msgstr "Por defecto: 1200 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -10044,39 +10606,45 @@ msgid "" "Default: Use the IP addresses of the interface which is used for IPA LDAP " "connection" msgstr "" +"Predeterminado: Usa las direcciones IP de la interfaz que es usada para la " +"conexión IPA LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" -msgstr "" +msgstr "Ejemplo: dyndns_iface = em1, vnet1, vnet2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" -msgstr "" +msgstr "dyndns_auth (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " "option to 'none'." msgstr "" +"Si la utilidad nsupdate debe usar la autenticación GSS-TSIG para " +"actualizaciones seguras con el servidor DNS, las actualizaciones inseguras " +"se pueden enviar fijando esta opción a 'none'." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" -msgstr "" +msgstr "Predeterminado: GSS-TSIG" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:218 msgid "ipa_enable_dns_sites (boolean)" -msgstr "" +msgstr "ipa_enable_dns_sites (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" +"Habilita sitios DNS - descubrimiento de servicio basado en la ubicación." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:225 @@ -10089,11 +10657,20 @@ msgid "" "discovery are treated as primary servers and the IPA servers located using " "the traditional SRV discovery are used as back up servers" msgstr "" +"Si es ciertp y descubrimiento de servicio (vea el párrafo Descubrimiento del " +"Servicio en la parte inferior de la página de manual) está habilitado, SSSD " +"primero intentará la localización basada en el descubrimiento usando una " +"consulta que contenga \"_location.hostname.example.com\" y después irá al " +"descubrimiento tradicional SRV. Si la localización basada en el " +"descubrimiento tiene éxito, los servidores IPA localizados con la " +"localización basada en el descubrimiento son tratados como servidores " +"primarios y los servidores IPA localizados usando el descubrimiento " +"tradicional SRV son usados como servidores de respaldo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" -msgstr "" +msgstr "dyndns_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:247 @@ -10102,18 +10679,25 @@ msgid "" "automatic update performed when the back end goes online. This option is " "optional and applicable only when dyndns_update is true." msgstr "" +"Con qué frecuencia el back-end debe realizar una actualización periódica de " +"DNS además de la actualización automática que se realiza cuando el back-end " +"se conecta. Esto es una posibilidad opcional y aplicable solo cuando " +"dyndns_update está a true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" -msgstr "" +msgstr "dyndns_update_ptr (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." msgstr "" +"Si el registro PTR debería ser explícitamente actualizado cuando se " +"actualizan los registros DNS del cliente. Aplicable solo cuando " +"dyndns_update está a true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:268 @@ -10121,77 +10705,92 @@ msgid "" "This option should be False in most IPA deployments as the IPA server " "generates the PTR records automatically when forward records are changed." msgstr "" +"Esta opción debería estar a False en la mayoría de los despliegues IPA " +"puesto que el servidor IPA genera los registros PTR automáticamente cuando " +"se cambian los registros que envía." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:274 msgid "Default: False (disabled)" -msgstr "" +msgstr "Predeterminado: False (deshabilitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" -msgstr "" +msgstr "dyndns_force_tcp (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" +"Si la utilidad nsupdate debería usar de manera predeterminada TCP cuando se " +"comunica con el servidor DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" -msgstr "" +msgstr "Predeterminado: False (permitir a nsupdate elegir el protocolol)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" -msgstr "" +msgstr "dyndns_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" +"El servidor DNA a usar cuando se lleva a cabo una actualización DNS update. " +"En la mayoría de las configuraciones se recomienda dejar esta opción sin " +"establecer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" +"El establecimiento de esta opción tiene sentido en entornos donde el " +"servidor DNS es distinto del servidor de identidad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" +"Tenga en cuenta que esta opción solo se usará en un intento de recuperación " +"cuando el intento anterior de usar la configuración autodetectada falló." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" -msgstr "" +msgstr "Predeterminado: None (permitir a nsupdate elegir el servidor)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" -msgstr "" +msgstr "dyndns_update_per_family (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " "in single step." msgstr "" +"La actualización DNS es llevada a cabo de manera predeterminada en dos pasos " +"- actualización IPv4 y después actualización IPv6. En algunos casos puede " +"ser deseable llevar a cabo la actualización IPv4 e IPv6 en un único paso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:332 msgid "ipa_deskprofile_search_base (string)" -msgstr "" +msgstr "ipa_deskprofile_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:335 @@ -10199,6 +10798,8 @@ msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" +"Opcional. Usa la cadena dada como base de búsqueda de los objetos " +"relacionados con Desktop Profile." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:339 sssd-ipa.5.xml:352 @@ -10225,7 +10826,7 @@ msgstr "ipa_host_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:361 msgid "Deprecated. Use ldap_host_search_base instead." -msgstr "" +msgstr "Obsoleto. Usa en su lugar ldap_host_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:367 @@ -10275,17 +10876,19 @@ msgstr "Por defecto: el valor de <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:424 msgid "ipa_views_search_base (string)" -msgstr "" +msgstr "ipa_views_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:427 msgid "Optional. Use the given string as search base for views containers." msgstr "" +"Opcional. Usa la cadena dada como base de búsqueda de contenedores de vista." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:436 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" +"Predeterminado: el valor de <emphasis>cn=views,cn=accounts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:446 @@ -10306,34 +10909,40 @@ msgstr "" "convertido hacia la base DN para usarlo para llevar a cabo operaciones LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" -msgstr "" +msgstr "krb5_confd_path (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" +"Ruta absoluta de un directorio donde SSSD debe colocar fragmentos de " +"configuración de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" +"Para deshabilitar la creación de fragmentos de configuración establezca el " +"parámetro a 'none'." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" +"Predeterminado: no establecido (krb5.include.d subdirectorio del directorio " +"pubconf de SSSD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:476 msgid "ipa_deskprofile_refresh (integer)" -msgstr "" +msgstr "ipa_deskprofile_refresh (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:479 @@ -10342,16 +10951,19 @@ msgid "" "IPA server. This will reduce the latency and load on the IPA server if there " "are many desktop profiles requests made in a short period." msgstr "" +"La cantidad de tiempo entre búsquedas de reglas Desktop Profile contra el " +"servidor IPA. Esto reducirá la latencia y la carga sobre el servidor IPA si " +"hay muchas solicitudes de perfiles de escritorio en un período corto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "Predeterminado: 5 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:492 msgid "ipa_deskprofile_request_interval (integer)" -msgstr "" +msgstr "ipa_deskprofile_request_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:495 @@ -10359,11 +10971,14 @@ msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" +"La cantidad de tiempo entre búsquedas de las reglas Desktop Profile contra " +"el servidor IPA en el caso de que la última petición no devolvió ninguna " +"regla." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:500 msgid "Default: 60 (minutes)" -msgstr "" +msgstr "Predeterminado: 60 (minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:506 @@ -10400,7 +11015,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:538 msgid "ipa_server_mode (boolean)" -msgstr "" +msgstr "ipa_server_mode (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:541 @@ -10408,6 +11023,8 @@ msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" +"Esta opción será establecida por el instalador IPA (ipa-server-install) " +"automáticamente y denota si SSSD está corriendo sobre un servidor IPA o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:546 @@ -10415,6 +11032,9 @@ msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" +"Sobre un servidor IPA SSSD buscara usuarios y grupos de los dominios de " +"confianza directamente mientras que sobre un cliente preguntará a un " +"servidor IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:551 @@ -10422,6 +11042,8 @@ msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" +"NOTA: Actualmente hay algunas suposiciones que deben cumplirse cuando SSSD " +"se ejecuta en un servidor IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:556 @@ -10430,6 +11052,9 @@ msgid "" "server itself. This is already the default set by the IPA installer, so no " "manual change is required." msgstr "" +"La opcion <quote>ipa_server</quote> debe configurarse para que apunte al " +"servidor IPA mismo. Esto está establecido de manera predeterminada por el " +"instalador IPA de modo que no se necesitan cambios manuales." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:565 @@ -10437,6 +11062,8 @@ msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" +"La opción <quote>full_name_format</quote> no debe modificarse para imprimir " +"solo nombres cortos de los usuarios de los dominios de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:580 @@ -10456,59 +11083,60 @@ msgstr "Por defecto: La localización llamada “default”" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:594 msgid "VIEWS AND OVERRIDES" -msgstr "" +msgstr "VISTAS Y ANULACIONES" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:603 msgid "ipa_view_class (string)" -msgstr "" +msgstr "ipa_view_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:606 msgid "Objectclass of the view container." -msgstr "" +msgstr "Objectclass del contenedorde vistas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:609 msgid "Default: nsContainer" -msgstr "" +msgstr "Predeterminado: nsContainer" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:615 msgid "ipa_view_name (string)" -msgstr "" +msgstr "ipa_view_name (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:618 msgid "Name of the attribute holding the name of the view." -msgstr "" +msgstr "Nombre del atributo que contiene el nombre de la vista." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "Predeterminado: cn" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:628 msgid "ipa_override_object_class (string)" -msgstr "" +msgstr "ipa_override_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:631 msgid "Objectclass of the override objects." -msgstr "" +msgstr "Objectclass de los objetos anulados." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:634 msgid "Default: ipaOverrideAnchor" -msgstr "" +msgstr "Predeterminado: ipaOverrideAnchor" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:640 msgid "ipa_anchor_uuid (string)" -msgstr "" +msgstr "ipa_anchor_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:643 @@ -10516,16 +11144,18 @@ msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" +"Nombre del atributo que contiene la referencia al objeto original en un " +"dominio remoto." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:647 msgid "Default: ipaAnchorUUID" -msgstr "" +msgstr "Predeterminado: ipaAnchorUUID" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:653 msgid "ipa_user_override_object_class (string)" -msgstr "" +msgstr "ipa_user_override_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:656 @@ -10533,56 +11163,58 @@ msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" +"Nombre de los objectclass para los usuarios anulados. Se usa para determinar " +"si el objeto anulado encontrado está relacionado con un usuario o un grupo." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:661 msgid "User overrides can contain attributes given by" -msgstr "" +msgstr "Las anulaciones de usuario pueden contener atributos dados por" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:664 msgid "ldap_user_name" -msgstr "" +msgstr "ldap_user_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:667 msgid "ldap_user_uid_number" -msgstr "" +msgstr "ldap_user_uid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:670 msgid "ldap_user_gid_number" -msgstr "" +msgstr "ldap_user_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:673 msgid "ldap_user_gecos" -msgstr "" +msgstr "ldap_user_gecos" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:676 msgid "ldap_user_home_directory" -msgstr "" +msgstr "ldap_user_home_directory" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:679 msgid "ldap_user_shell" -msgstr "" +msgstr "ldap_user_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:682 msgid "ldap_user_ssh_public_key" -msgstr "" +msgstr "ldap_user_ssh_public_key" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:687 msgid "Default: ipaUserOverride" -msgstr "" +msgstr "Predeterminado: ipaUserOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:693 msgid "ipa_group_override_object_class (string)" -msgstr "" +msgstr "ipa_group_override_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:696 @@ -10590,26 +11222,28 @@ msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" +"Nombre del objectclass para grupos anulados. Se usa para determinar si el " +"objeto anulado encontrado está relacionado con un usuario o un grupo." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:701 msgid "Group overrides can contain attributes given by" -msgstr "" +msgstr "Las anulaciones de grupo pueden contener atributos dados por" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:704 msgid "ldap_group_name" -msgstr "" +msgstr "ldap_group_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:707 msgid "ldap_group_gid_number" -msgstr "" +msgstr "ldap_group_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:712 msgid "Default: ipaGroupOverride" -msgstr "" +msgstr "Predeterminado: ipaGroupOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:596 @@ -10620,6 +11254,11 @@ msgid "" "related options are listed here with their default values. <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" +"SSSD puede manejar vistas y anulaciones que son ofrecidas por FreeIPA 4.1 y " +"versiones posteriores. Como todas las rutas y objectclasses son fijadas en " +"el lado servidor no se necesita configurar nada. Para completar, las " +"opciones relacionadas son listadas aquí con sus valores predeterminados. " +"<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:724 @@ -10658,105 +11297,141 @@ msgid "" "hour or after the IPA provider goes online, the subdomains provider is " "enabled again." msgstr "" +"Si la opción 'subdomains_provider' no está establecida en la sección dominio " +"de sssd.conf pero hay la opción 'id_provider = ipa', el proveedor de " +"subdominios IPA está configurado implícitamente. En este caso, si una " +"petición de subdominio falla e indica que el servidor no soporta " +"subdominios, i.e. no está configurado para confianza, el proveedor de " +"subdominios IPA está deshabilitado. Después de una hora o después de que el " +"proveedor IPA esté en línea, el proveedor de subdominios está habilitado " +"otra vez." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:747 msgid "TRUSTED DOMAINS CONFIGURATION" -msgstr "" +msgstr "CONFIGURACIÓN DE DOMINIOS DE CONFIANZA" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" "ad_server = dc.ad.domain.com\n" msgstr "" +"[domain/ipa.domain.com/ad.domain.com]\n" +"ad_server = dc.ad.domain.com\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 -msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +#, fuzzy +#| msgid "" +#| "Some configuration options can be also set for a trusted domain. A " +#| "trusted domain configuration can either be done using a subsection, for " +#| "example: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" +"Algunas opciones de configuración pueden ser también establecidas para un " +"dominio de confianza. Una configuración de un dominio de confianza pede ser " +"hecha usando una subsección, por ejemplo: <placeholder type=\"programlisting" +"\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 +#, fuzzy +#| msgid "" +#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " +#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +#| "manvolnum> </citerefentry> manual page for more details." msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" +"Por favor vea el parámetro <quote>dns_discovery_domain</quote> en la página " +"de manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> para más detalles." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" +"Se pueden ajustar diferentes opciones de configuración para un dominio de " +"confianza dependiendo de si usted está configurando SSSD sobre un servidor " +"IPA o un cliente IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" -msgstr "" +msgstr "OPCIONES AJUSTABLES EN IPA MAESTROS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" +"Se pueden establecer las siguientes opciones en una sección subdominio sobre " +"un IPA maestro:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" -msgstr "" +msgstr "ad_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" -msgstr "" +msgstr "ad_backup_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" -msgstr "" +msgstr "ad_site" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" -msgstr "" +msgstr "ldap_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" -msgstr "" +msgstr "ldap_user_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" -msgstr "" +msgstr "ldap_group_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" -msgstr "" +msgstr "OPCIONES AJUSTABLES SOBRE CLIENTES IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" +"Las siguientes opciones pueden ser establecidas en una sección subdominio " +"sobre un cliente IPA:" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" +"Advierta que si ambas opciones están establecidas solo se evalúa " +"<quote>ad_server</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10768,9 +11443,19 @@ msgid "" "<manvolnum>8</manvolnum> </citerefentry> manual page for more details on the " "Kerberos locator plugin." msgstr "" +"Puesto que cualquier petición para una identidad de usuario o de grupo de un " +"dominio de confianza disparada desde un cliente IPA se resuelve por el " +"servidor IPA, las opciones <quote>ad_server</quote> y <quote>ad_site</quote> " +"solo afectan a que AD DC llevará a cabo la autenticación. En concreto, las " +"direcciones resueltas desde estas listas serán escritas a ficheros " +"<quote>kdcinfo</quote> leídos por el complemento localizador Kerberos. Por " +"favor vea la página de manual <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> para mas detalles sobre el complemento " +"localizador Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10781,7 +11466,7 @@ msgstr "" "Este ejemplo muestra sólo las opciones específicas del proveedor ipa." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -10789,6 +11474,10 @@ msgid "" "ipa_server = ipaserver.example.com\n" "ipa_hostname = myhost.example.com\n" msgstr "" +"[domain/example.com]\n" +"id_provider = ipa\n" +"ipa_server = ipaserver.example.com\n" +"ipa_hostname = myhost.example.com\n" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ad.5.xml:10 sssd-ad.5.xml:16 @@ -10798,7 +11487,7 @@ msgstr "sssd-ad" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ad.5.xml:17 msgid "SSSD Active Directory provider" -msgstr "" +msgstr "Proveedor SSSD Active Directory" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:23 @@ -10825,6 +11514,12 @@ msgid "" "channel, SSL/TLS options should not be used with the AD provider and will be " "superseded by Kerberos usage." msgstr "" +"El proveedor AD es el punto final usado para conectar a un servidor Active " +"Directory. Este proveedor requiere que la máquina esté unida al dominio AD y " +"que una tabla de claves esté disponible. La comunicación con el punto final " +"se efectúa sobre un canal encriptado GSSAPI, las opciones SSL/TLS no " +"deberían ser usadas con el proveedor y serán reemplazadas por la utilización " +"Kerberos." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:44 @@ -10844,6 +11539,10 @@ msgid "" "recognized. In addition servers from trusted domains are always auto-" "discovered." msgstr "" +"El proveedor AD puede ser usado para obtener información de usuario y " +"autenticar usuarios desde dominios de confianza. Actualmente solo se " +"reconocen los dominios de confianza del mismo bosque. Además, los servidores " +"de dominios de confianza siempre se descubren automáticamente." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:54 @@ -10857,6 +11556,14 @@ msgid "" "exceptions. However, it is neither necessary nor recommended to set these " "options." msgstr "" +"El proveedor AD habilita a SSSD para usar el proveedor de identidad " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> y el proveedor de autenticación <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> con optimizaciones para entornos Active Directory. El " +"proveedor AD provider aceptas las mismas opciones usadas por los proveedores " +"sssd-ldap y sssd-krb5 cn algunas excepciones. Sin embargo, no es necesario " +"ni recomendable establecer estas opciones." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:69 @@ -10865,6 +11572,10 @@ msgid "" "default options with some exceptions, the differences are listed in the " "<quote>MODIFIED DEFAULT OPTIONS</quote> section." msgstr "" +"El proveedor AD copia principalmente las opciones predeterminadas " +"tradicionales de los proveedores ldap y krb5 con algunas excepciones, las " +"diferencias están listadas en la sección <quote>OPCIONES PREDETERMINADAS " +"MODIFICADAS</quote>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:74 @@ -10873,6 +11584,9 @@ msgid "" "provider. No configuration of the access provider is required on the client " "side." msgstr "" +"El proveedor AD puede ser también usado como un proveedor de acceso chpass, " +"sudo y autofs. No se requiere configuración del proveedor de acceso en el " +"lado cliente." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:79 @@ -10881,6 +11595,9 @@ msgid "" "configured in sssd.conf then the id_provider must also be set to <quote>ad</" "quote>." msgstr "" +"Si está configurado <quote>auth_provider=ad</quote> o " +"<quote>access_provider=ad</quote> en sssd.conf id_provider debe ser también " +"establecido a <quote>ad</quote>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ad.5.xml:91 @@ -10911,6 +11628,22 @@ msgid "" "present in the Global Catalog, the non-replicated attributes are currently " "not read from the LDAP port." msgstr "" +"De manera predeterminada, el proveedor AD mapeará los valores UID y GID " +"desde el parámetro objectSID en Active Directory. Para detalles sobre esto, " +"vea la sección <quote>MAPEO DE ID</quote> abajo. Si usted desea deshabilitar " +"el mapeo de ID y en su lugar confiar en los atributos POSIX definidos en " +"Active Directory, usted debería establecer <placeholder type=\"programlisting" +"\" id=\"0\"/> Si se usarán los atributos POSIX, se recomienda que por " +"razones de rendimientos estos atributos sean también replicados en el " +"Catálogo Global. Si los atributos POSIX están replicados, SSSD intentará " +"localizar el dominio de una ID numérica pedida con la ayuda del Catálogo " +"Global y solo busca en ese dominio. Por el contrario, si los atributos POSIX " +"no están replicados en el Catálogo Global, SSSD debe buscar en todos los " +"dominios del bosque secuencialmente. Por favor advierta que la opción " +"<quote>cache_first</quote> option también podría ser útil para acelerar las " +"búsquedas sin dominio. Advierta que si en el Catálogo Global solo esta " +"presente un subconjunto de atributos POSIX, los atributos no replicados no " +"se leen actualmente desde el puerto LDAP." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:108 @@ -10919,6 +11652,9 @@ msgid "" "insensitive in the AD provider for compatibility with Active Directory's " "LDAP implementation." msgstr "" +"Los usuarios, grupos y otras entidades servidas por SSSD son tratadas " +"siempre como sensibles a mayúsculas y minúsculas en el proveedor AD por " +"compatibilidad con la implementación LDAP de Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:123 @@ -10949,11 +11685,13 @@ msgid "" "The short domain name (also known as the NetBIOS or the flat name) is " "autodetected by the SSSD." msgstr "" +"El nombre corto de dominio (también conocido como el NetBIOS o el nombre " +"pano) es autodetectado por SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:143 msgid "ad_enabled_domains (string)" -msgstr "" +msgstr "ad_enabled_domains (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:146 @@ -10962,6 +11700,9 @@ msgid "" "SSSD will ignore any domains not listed in this option. If left unset, all " "domains from the AD forest will be available." msgstr "" +"Una lista separada por comas de dominios Active Directory habilitados. Si se " +"suministra, SSSD ignorará cualquier dominio no listado en esta opción. Si se " +"deja sin establecer, estarán disponibles todos los dominios del bosque AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> #: sssd-ad.5.xml:156 @@ -10970,6 +11711,8 @@ msgid "" "ad_enabled_domains = sales.example.com, eng.example.com\n" " " msgstr "" +"ad_enabled_domains = sales.example.com, eng.example.com\n" +" " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:152 @@ -10978,6 +11721,9 @@ msgid "" "the fully qualified domain name of the Active Directory domain. For example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +"Para una operativa apropiada, esta opción debe ser especificada en " +"minúsculas y con el nombre totalmente cualificado del dominio Active " +"Directory. Por ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:160 @@ -10985,6 +11731,8 @@ msgid "" "The short domain name (also known as the NetBIOS or the flat name) will be " "autodetected by SSSD." msgstr "" +"El nombre corto de dominio (también conocido como NetBIOS o el nombre plano) " +"será autodetectado por SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:170 @@ -10998,6 +11746,10 @@ msgid "" "connect in order of preference. For more information on failover and server " "redundancy, see the <quote>FAILOVER</quote> section." msgstr "" +"La lista separada por comas de nombres de host de los servidores AD a los " +"que SSSD debería conectarse en orden de preferencia. Para mas información " +"sobre conmutación por error y redundancia del servidor, vea la sección " +"<quote>CONMUTACIÓN POR ERROR</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:180 @@ -11005,6 +11757,9 @@ msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" +"Esto es opcional si el autodescubrimiento está habilitado. Para mas " +"información sobre el servicio de descubrimiento, vea la sección " +"<quote>SERVICIO DE DESCUBRIMIENTO</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:185 @@ -11012,6 +11767,9 @@ msgid "" "Note: Trusted domains will always auto-discover servers even if the primary " "server is explicitly defined in the ad_server option." msgstr "" +"Nota: Los dominios de confianza siempre detectarán automáticamente los " +"servidores aunque el servidor primario esté definido explícitamente en la " +"opción ad_server." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:193 @@ -11020,31 +11778,42 @@ msgstr "ad_hostname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 +#, fuzzy +#| msgid "" +#| "Optional. May be set on machines where the hostname(5) does not reflect " +#| "the fully qualified name used in the IPA domain to identify this host. " +#| "The hostname must be fully qualified." msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" -"Opcional. Puede ser fijada en máquinas donde el hostname(5) no refleja el " -"nombre totalmente cualificado usaro en el dominio Active Directory para " -"identificar este host." +"Opcional. Se puede establecer sobre máquinas donde el hostname(5) no refleje " +"el nombre totalmente cualificado usado en el dominio IPA para identificar " +"este host. El nombre de host debe ser totalmente cualificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 +#, fuzzy +#| msgid "" +#| "This field is used to determine the host principal in use in the keytab. " +#| "It must match the hostname for which the keytab was issued." msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" "Este campo se usa para determinar el host principal en uso en la keytab. " "Debe coincidir con el nombre del host desde que se envío la keytab." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" -msgstr "" +msgstr "ad_enable_dns_sites (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -11053,48 +11822,69 @@ msgid "" "DNS SRV configuration, including the discovery domain, is used during site " "discovery as well." msgstr "" +"Si esta a true y el servicio de descubrimiento (vea el párrafo Servicio de " +"Descubrimiento al final de la página de manual) está habiitado, SSSD " +"intentará primero descubrir el servidor Active Directory usando Active " +"Directory Site Discovery y recurre a loas registros DNS SRV si no encuentra " +"sitio AD. La configuración DNS SRV, incluyendo el descubrimiento de dominio, " +"se usa durante el descubrimiento de sitio también." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" -msgstr "" +msgstr "ad_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" +"Esta opción especifica el filtro de control de acceso LDAP con el que el " +"usuario debe coincidir con el objetivo de tener permitido el acceso. Por " +"favor advierta que la opción <quote>access_provider</quote> debe estar " +"establecida explícitamente a <quote>ad</quote> con el objetivo de que esta " +"opción tenga efecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " "The keyword can be either <quote>DOM</quote>, <quote>FOREST</quote> or " "missing." msgstr "" +"Esta opción también soporta que se especifiquen diferentes filtros por " +"dominio o bosque. Este filtro extendido consiste en: <quote>KEYWORD:NAME:" +"FILTER</quote>. La palabra clave puede ser <quote>DOM</quote>, " +"<quote>FOREST</quote> o ninguna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " "keyword equals to <quote>FOREST</quote>, then the filter equals to all " "domains from the forest specified by <quote>NAME</quote>." msgstr "" +"Si la palabra clave es igual a <quote>DOM</quote> o es ninguna, <quote>NAME</" +"quote> especifica el dominio o subdominio al que se aplica el filtro. Si la " +"palabra clave es igual a <quote>FOREST</quote>, el filtro iguala a todos los " +"dominios del bosque especificado por <quote>NAME</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" +"Se pueden separar múltiples filtros con el carácter <quote>?</quote>, de " +"modo similar a como funcionan las bases de búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -11105,18 +11895,30 @@ msgid "" "microsoft.com/en-us/library/cc223367.aspx\"> [MS-ADTS] section LDAP " "extensions</ulink>" msgstr "" +"La membresía de grupo anidada debe ser buscada usando una OID especial " +"<quote>:1.2.840.113556.1.4.1941:</quote> además de la sintaxis completa DOM:" +"domain.example.org: para asegurar que el analizador no intente interpretar " +"el carácter dos puntos asociado con el OID. Si usted no usa este OID la " +"membresía de grupo anidada no será resuelta. Vea el ejemplo de utlización " +"abajo y vaya aquí para ampliar información sobre OID: <ulink url=\"https://" +"msdn.microsoft.com/en-us/library/cc223367.aspx\"> [MS-ADTS] sección " +"extensiones LDAP</ulink>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" "domain filter would be applied. If there are more matches with the same " "specification, the first one is used." msgstr "" +"Siempre se usa la coincidencia mas especifica. Por ejemplo, si la opción " +"especifica un filtro pra un dominio del que el usuario es miembro y un " +"filtro global, se aplicará el filtro por dominio. Si hay mas coincidencias " +"con la misma especificación se usa la primera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -11132,49 +11934,72 @@ msgid "" "DOM:dom1:(memberOf:1.2.840.113556.1.4.1941:=cn=nestedgroup,ou=groups,dc=example,dc=com)\n" " " msgstr "" +"# aplicar filtro sobre el dominio llamado dom1 solo:\n" +"dom1:(memberOf=cn=admins,ou=groups,dc=dom1,dc=com)\n" +"\n" +"# aplicar filtro sobre el dominio llamado dom2 solo:\n" +"DOM:dom2:(memberOf=cn=admins,ou=groups,dc=dom2,dc=com)\n" +"\n" +"# aplicar filtro sobre un bosque llamado EXAMPLE.COM solo:\n" +"FOREST:EXAMPLE.COM:(memberOf=cn=admins,ou=groups,dc=example,dc=com)\n" +"\n" +"# aplicar filtro para un miembro de un grupo anidado en dom1:\n" +"DOM:dom1:(memberOf:1.2.840.113556.1.4.1941:=cn=nestedgroup,ou=groups,dc=example,dc=com)\n" +" " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" -msgstr "" +msgstr "ad_site (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" +"Especifica el sitio AD al que el cliente intentará cnectar. Si no se " +"suministra esta opción se autodescubrirá el sitio AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" -msgstr "" +msgstr "ad_enable_gc (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " "as a fallback. Disabling this option makes the SSSD only connect to the LDAP " "port of the current AD server." msgstr "" +"De modo predeterminado, SSSD conecta primero al Catálogo Global para " +"recuperar usuarios de los dominios de confianza y usa el ouerto LDAP para " +"recuperar membresías de grupo o plan de reserva. Deshabilitando esta opción " +"hace que SSSD solo conecte al puerto LDAP del servidor AD actual." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " "port of trusted domains instead. However, Global Catalog must be used in " "order to resolve cross-domain group memberships." msgstr "" +"Por favor advierta que deshabilitando el soporte de Catálogo Global no " +"deshabilita la recogida de usuarios de los dominios de confianza. SSSD " +"conectaría al puerto LDAP de los dominios de confianza en su lugar. Sin " +"embargo, Catálogo Global debe ser usado con el objetivo de resolver las " +"membresías de grupo de dominio cruzado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" -msgstr "" +msgstr "ad_gpo_access_control (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -11182,27 +12007,46 @@ msgid "" "must be explicitly set to <quote>ad</quote> in order for this option to have " "an effect." msgstr "" +"Esta opción especifica el modo de operación para la funcionalidad de control " +"de acceso basado en GPO: si opera en modo deshabilitado, modo reforzado o " +"modo permisivo. Por favor advierta que la opción <quote>access_provider</" +"quote> debe ser explícitamente establecida a <quote>ad</quote> con el " +"objetivo de que esta opción tenga efecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " "information on the supported policy settings please refer to the " "<quote>ad_gpo_map</quote> options." msgstr "" +"La funcionalidad de control de acceso basado en GPO usa ajustes de política " +"GPO para determinar si un usuario concreto tiene autorizado acceder al host. " +"Para mas información sobre los ajustes de política soportados vea las " +"opciones <quote>ad_gpo_map</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 +#, fuzzy +#| msgid "" +#| "Please note that current version of SSSD does not support Active " +#| "Directory's built-in groups. Built-in groups (such as Administrators " +#| "with SID S-1-5-32-544) in GPO access control rules will be ignored by " +#| "SSSD. See upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" +"Por favor advierta que la actual versión de SSSD no soporta grupos " +"incorporados de Active Directory. Los grupos incorporados (como " +"Administradores con SID S-1-5-32-544) en las reglas de control de acceso GPO " +"serán ignorados por SSSD. Vea https://pagure.io/SSSD/sssd/issue/4099 ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -11210,23 +12054,32 @@ msgid "" "a user, the user or at least one of the groups to which it belongs must have " "following permissions on the GPO:" msgstr "" +"Antes de realizar el control de acceso, SSSD aplica el filtrado de seguridad " +"de la política de grupo en los GPO. Por cada inicio de sesión de usuario, la " +"aplicabilidad de los GPOs que están enlazados al host es chequeado. Para que " +"un GPO se aplique a un usuario, el usuario o al menos uno de los grupos a " +"los que pertenece debe tener los siguientes permisos en el GPO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" +"Lectura: El usuario o uno de sus grupos debe tener acceso de lectura a las " +"propiedad de la GPO (RIGHT_DS_READ_PROPERTY)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" +"Aplicar Política de Grupo: El usuario o al menos uno de sus grupos debe " +"tener permiso para aplicar la GPO (RIGHT_DS_CONTROL_ACCESS)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -11234,17 +12087,15 @@ msgid "" "and access control are started, the Authenticated Users group permissions on " "the GPO always apply also to the user." msgstr "" +"Por defecto, el grupo Usuarios Autenticados está presente sobre un GPO y " +"este grupo tiene derechos de acceso tanto de Lectura como de Aplicar " +"Política de Grupo. Puesto que la autenticación de un usuario debe haberse " +"completado con éxito antes del filtrado de seguridad GPO y el control de " +"acceso está arrancado, los permisos del grupo Usuarios Autenticados sobre el " +"GPO se aplicarán siempre también al usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -11257,48 +12108,68 @@ msgid "" "functions' is required (see <citerefentry> <refentrytitle>sssctl</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page)." msgstr "" +"AVISO: Si el modo operativo está establecido en enforcing (hacer cumplir), " +"es posible que a usuarios que antes se les permitía el acceso se les " +"deniegue ahora (como dictan los ajustes de política GPO). Con el objetivo de " +"facilitar una transición suave a los administradores, hay un modo permisivo " +"disponible que no aplicará las reglas de control de acceso, pero as evaluará " +"y sacará un mensaje de registro de sistema si el acceso debería haber sido " +"denegado. Examinando los registros los administradores pueden hacer los " +"cambios necesario antes de establecer el modo enforcing. Para registrar el " +"control de acceso basado en GPO, se requiere un nivel de depuración " +"'funciones de rastreo' (vea las páginas de manual <citerefentry> " +"<refentrytitle>sssctl</refentrytitle> <manvolnum>8</manvolnum> </" +"citerefentry>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" -msgstr "" +msgstr "Hay tres valores soportados para esta opción:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" +"disabled (deshabilitado): Las reglas de control de acceso basadas en GPO no " +"son evaluadas ni aplicadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" +"enforcing (hacer cumplir): Las reglas de control de acceso basadas en GPO " +"son evaluadas y aplicadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " "have been denied access if this option's value were set to enforcing." msgstr "" +"permissive (permisivo): Las reglas de control de acceso GPO son evaluadas " +"pero no se hacen cumplir. En su lugar, se emitirá un mensaje de registro de " +"sistema indicando que se hubiera denegado el acceso al sistema del usuario " +"si el valor de la opción estuviera establecido en enforcing." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" -msgstr "" +msgstr "Predeterminado: permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" -msgstr "" +msgstr "Predeterminado: enforcing" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" -msgstr "" +msgstr "ad_gpo_implicit_deny (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -11307,14 +12178,21 @@ msgid "" "because it can deny access even to users in the built-in Administrators " "group if no GPO rules apply to them." msgstr "" +"Normalmente cuando no se encuentras GPOs aplicables los usuarios tienen " +"permitido el acceso. Cuando se establece esta opción a True los usuarios " +"tendrán permitido el acceso solo cuando este explícitamente permitido por " +"una regla GPO. En otro caso el acceso de usuarios será denegado. Esto se " +"puede usar para fortalecer la seguridad, pero tenga cuidado al usar esta " +"opción, ya que puede denegar el acceso incluso a los usuarios en el grupo de " +"administradores integrados si no se aplican reglas de GPO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" -msgstr "" +msgstr "ad_gpo_ignore_unreadable (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -11322,14 +12200,19 @@ msgid "" "policies if their attributes in group policy containers are not readable for " "SSSD." msgstr "" +"Normalmente cuando algunos contenedores de políticas de grupo (objeto AD) de " +"pbjetos aplicables de políticas de grupo no son legibles por SSSD se les " +"niega el acceso a los usuarios. Esta opción permite ignorar los contenedores " +"de política de grupo y con ello las políticas asociadas si sus atributos en " +"los contenedores de política de grupo no son legibles por SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -11337,12 +12220,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -11358,14 +12241,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -11373,7 +12256,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11385,42 +12268,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -11436,7 +12319,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -11444,7 +12327,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -11452,7 +12335,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11464,22 +12347,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -11495,7 +12378,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -11503,7 +12386,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -11511,7 +12394,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11523,22 +12406,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -11553,14 +12436,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -11568,7 +12451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11580,23 +12463,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -11612,14 +12495,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -11627,7 +12510,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -11638,19 +12521,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -11658,7 +12541,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11670,29 +12553,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11700,12 +12583,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11718,57 +12601,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11776,17 +12659,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11796,12 +12679,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +#, fuzzy +#| msgid "ldap_id_use_start_tls (boolean)" +msgid "ad_use_ldaps (bool)" +msgstr "ldap_id_use_start_tls (booleano)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11812,19 +12727,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11834,12 +12749,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Predeterminado: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11850,7 +12765,7 @@ msgstr "" "Este ejemplo muestra sólo las opciones específicas del proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11874,7 +12789,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11886,7 +12801,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11897,7 +12812,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11907,7 +12822,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12480,16 +13395,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:259 -#, fuzzy -#| msgid "" -#| "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " -#| "client applications will not use the fast in-memory cache." msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in-memory cache." msgstr "" -"AVISO: Si la variable de entorno SSS_NSS_USE_MEMCACHE estça fijada a \"NO\", " -"las aplicaciones clientes no usaran la memoria cache rápida." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 @@ -13131,9 +14040,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:47 +#, fuzzy +#| msgid "" +#| "This backend also provides access control based on the .k5login file in " +#| "the home directory of the user. See <citerefentry> <refentrytitle>." +#| "k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more " +#| "details. Please note that an empty .k5login file will deny all access to " +#| "this user. To activate this feature, use 'access_provider = krb5' in your " +#| "SSSD configuration." msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -13630,21 +14547,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:524 -#, fuzzy -#| msgid "" -#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" -#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " -#| "more information on the locator plugin." msgid "" "For example <emphasis>10:0</emphasis> means that up to 10 primary servers " "will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> but no backup " "servers." msgstr "" -"Vea la página de manual <citerefentry> " -"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry> para más información sobre el complemento " -"localizador." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:533 @@ -16323,26 +17231,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:175 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of the AD provider for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. For a detailed syntax reference, refer to " -#| "the <quote>FILE FORMAT</quote> section of the <citerefentry> " -#| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> manual page." msgid "" "The KCM service is configured in the <quote>kcm</quote> For a detailed " "syntax reference, refer to the <quote>FILE FORMAT</quote> section of the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" -"Esta página de manual describe la configuración del proveedor AD para " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Para una referencia detallada de sintaxis, vea la sección " -"<quote>FILE FORMAT</quote> de la página de manual <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:183 @@ -16371,10 +17265,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_ccaches (integer)" -msgstr "enum_cache_timeout (entero)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -16388,10 +17280,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "min_id,max_id (integer)" msgid "max_uid_ccaches (integer)" -msgstr "min_id, max_id (entero)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -16402,17 +17292,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 64" -msgstr "Predeterminado: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "ldap_page_size (integer)" msgid "max_ccache_size (integer)" -msgstr "ldap_page_size (entero)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -16423,10 +17309,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 65536" -msgstr "Predeterminado: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -16627,17 +17511,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:184 -#, fuzzy, no-wrap -#| msgid "" -#| "auth sufficient pam_sss.so allow_missing_name\n" -#| " " +#, no-wrap msgid "" "attr:string\n" "value:string\n" " " msgstr "" -"auth sufficient pam_sss.so allow_missing_name\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:190 @@ -16906,10 +17785,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:439 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_perf.stp" -msgstr "ldap_deref (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:442 @@ -16928,28 +17805,16 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap-attributes.5.xml:10 sssd-ldap-attributes.5.xml:16 -#, fuzzy -#| msgid "sssd-ldap" msgid "sssd-ldap-attributes" -msgstr "sssd-ldap" +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap-attributes.5.xml:17 -#, fuzzy -#| msgid "SSSD LDAP provider" msgid "SSSD LDAP Provider: Mapping Attributes" -msgstr "Proveedor SSSD LDAP" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap-attributes.5.xml:23 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of LDAP domains for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. Refer to the <quote>FILE FORMAT</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " -#| "information." msgid "" "This manual page describes the mapping attributes of SSSD LDAP provider " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -16957,11 +17822,6 @@ msgid "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page " "for full details about SSSD LDAP provider configuration options." msgstr "" -"Esta página de manual describe la configuración de dominios LDAP para " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Vea la sección <quote>FILE FORMAT</quote> de la página de " -"manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> para información detallada de la sintáxis." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:38 @@ -17850,10 +18710,8 @@ msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:742 -#, fuzzy -#| msgid "ldap_group_name (string)" msgid "ldap_group_type (string)" -msgstr "ldap_group_name (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:745 @@ -18083,10 +18941,8 @@ msgstr "Atributo LDAP que contiene las UUID/GUID de un objeto host LDAP." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:968 -#, fuzzy -#| msgid "SERVICES SECTIONS" msgid "SERVICE ATTRIBUTES" -msgstr "SECCIONES DE SERVICIOS" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:972 @@ -18334,10 +19190,140 @@ msgstr "Por defecto: sudoOrder" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:1177 -#, fuzzy -#| msgid "AUTOFS OPTIONS" msgid "AUTOFS ATTRIBUTES" -msgstr "OPCIONES AUTOFS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +#, fuzzy +#| msgid "ldap_host_object_class (string)" +msgid "ldap_iphost_object_class (string)" +msgstr "ldap_host_object_class (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +#, fuzzy +#| msgid "The object class of a host entry in LDAP." +msgid "The object class of an iphost entry in LDAP." +msgstr "El objeto clase de una entrada host en LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: host" +msgid "Default: ipHost" +msgstr "Default: host" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "ldap_host_name (string)" +msgid "ldap_iphost_name (string)" +msgstr "ldap_host_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" +"El atributo LDAP que contiene el nombre de servicio de atributos y sus alias." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +#, fuzzy +#| msgid "ldap_host_name (string)" +msgid "ldap_iphost_number (string)" +msgstr "ldap_host_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +#, fuzzy +#| msgid "The LDAP attribute that contains the host's SSH public keys." +msgid "The LDAP attribute that contains the IP host address." +msgstr "Atributo LDAP que contiene las claves públicas SSH del host." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipHostNumber" +msgstr "Predeterminado: uidNumber" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +#, fuzzy +#| msgid "ldap_netgroup_object_class (string)" +msgid "ldap_ipnetwork_object_class (string)" +msgstr "ldap_netgroup_object_class (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +#, fuzzy +#| msgid "The object class of a netgroup entry in LDAP." +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "La clase de objeto de una entrada netgroup en LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: password" +msgid "Default: ipNetwork" +msgstr "Por defecto: contraseña" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "ldap_netgroup_name (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "ldap_netgroup_name (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" +"El atributo LDAP que contiene el nombre de servicio de atributos y sus alias." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_ipnetwork_number (string)" +msgstr "ldap_user_uid_number (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the IP network address." +msgstr "El atributo LDAP que contiene las claves públicas SSH del usuario." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipNetworkNumber" +msgstr "Predeterminado: uidNumber" #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 @@ -18517,8 +19503,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -18649,10 +19635,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 -#, fuzzy -#| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout" -msgstr "dns_resolver_timeout (entero)" +msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 @@ -19276,12 +20260,19 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." @@ -19290,7 +20281,7 @@ msgstr "" "serios y datos de función use 0x0270." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." @@ -19300,21 +20291,21 @@ msgstr "" "interno use 0x1310." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -19622,8 +20613,10 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" -msgstr "" +#, fuzzy +#| msgid "ldap_sasl_mech," +msgid "ldap_sasl_mech = GSS-SPNEGO" +msgstr "ldap_sasl_mech," #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:48 @@ -19781,25 +20774,38 @@ msgid "ldap_group_external_member = ipaExternalMember" msgstr "" #~ msgid "" -#~ "The background refresh will process users, groups and netgroups in the " -#~ "cache." +#~ "The authentication token of the default bind DN. Only clear text " +#~ "passwords are currently supported." #~ msgstr "" -#~ "El refresco en segundo plano procesará usuarios grupos y grupos de red en " -#~ "la caché." +#~ "La ficha de autenticación del enlazador DN por defecto. Sólo se soportan " +#~ "actualmente password de texto claro." -#~ msgid "Default: homeDirectory" -#~ msgstr "Predeterminado: homeDirectory" +#~ msgid "" +#~ "In addition, some options can be set in the parent domain and inherited " +#~ "by the trusted domain using the <quote>subdomain_inherit</quote> option. " +#~ "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" +#~ "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." +#~ msgstr "" +#~ "Además, algunas opciones pueden ser establecidas en un dominio padre y " +#~ "heredadas por los dominios de confianza usando la opción " +#~ "<quote>subdomain_inherit</quote>. Para mas detalles, vea la página de " +#~ "manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +#~ "<manvolnum>5</manvolnum> </citerefentry>." -#~ msgid "ldap_group_type (integer)" -#~ msgstr "ldap_group_type (entero)" +#~ msgid "" +#~ "Optional. May be set on machines where the hostname(5) does not reflect " +#~ "the fully qualified name used in the Active Directory domain to identify " +#~ "this host." +#~ msgstr "" +#~ "Opcional. Puede ser fijada en máquinas donde el hostname(5) no refleja el " +#~ "nombre totalmente cualificado usaro en el dominio Active Directory para " +#~ "identificar este host." #~ msgid "" -#~ "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#~ "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -#~ "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -#~ "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" +#~ "NOTE: The current version of SSSD does not support host (computer) " +#~ "entries in the GPO 'Security Filtering' list. Only user and group entries " +#~ "are supported. Host entries in the list have no effect." #~ msgstr "" -#~ "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#~ "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -#~ "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -#~ "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" +#~ "AVISO: La actual versión de SSSD no soporta entradas de host (ordenador) " +#~ "en la lista GPO 'Filtrado de Seguridad'. Solo se soportan entradas de " +#~ "usuario y grupo. Las entradas de host en la lista no tienen efecto." diff --git a/src/man/po/eu.po b/src/man/po/eu.po index 60d333c050..779c435fc2 100644 --- a/src/man/po/eu.po +++ b/src/man/po/eu.po @@ -5,9 +5,9 @@ # Translators: msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2014-12-14 11:55+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/" @@ -293,10 +293,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -315,21 +315,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -353,8 +354,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -369,7 +370,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "" @@ -449,7 +450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "" @@ -469,12 +470,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -482,39 +483,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -523,7 +524,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" @@ -652,8 +653,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -874,12 +875,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -963,8 +964,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1040,7 +1041,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1100,8 +1101,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1178,7 +1179,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "" @@ -1196,7 +1197,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "" @@ -1706,7 +1707,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1719,7 +1720,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1733,7 +1734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1796,8 +1797,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1862,8 +1863,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1875,64 +1876,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1940,7 +1941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1952,63 +1953,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2016,12 +2017,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2032,15 +2033,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2048,7 +2049,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2056,13 +2057,67 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +msgid "Default: no_session" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2073,24 +2128,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2100,22 +2155,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2123,51 +2178,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2176,12 +2231,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2191,36 +2246,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2231,7 +2310,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2242,24 +2321,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2267,12 +2346,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2281,24 +2360,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2308,66 +2387,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2375,17 +2454,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2393,7 +2472,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2401,22 +2480,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2425,14 +2504,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2441,38 +2520,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2481,24 +2560,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2507,29 +2586,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2543,14 +2622,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2559,39 +2638,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2600,19 +2679,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2623,115 +2702,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +msgid "entry_cache_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +msgid "entry_cache_computer_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2740,42 +2843,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2783,24 +2898,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2809,17 +2924,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2828,34 +2943,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2863,7 +2978,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2871,8 +2986,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2881,8 +2996,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2890,19 +3005,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2911,7 +3026,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2919,22 +3034,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2946,7 +3063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2954,19 +3071,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2974,7 +3091,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2982,35 +3099,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3018,19 +3135,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3039,7 +3156,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3047,29 +3164,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3077,7 +3194,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3085,35 +3202,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3121,32 +3238,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3157,7 +3274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3166,12 +3283,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3179,7 +3296,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3187,31 +3304,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3219,7 +3336,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3228,17 +3345,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3246,43 +3363,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3290,7 +3407,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3298,7 +3415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3306,24 +3423,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3331,12 +3448,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +msgid "resolver_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3346,7 +3504,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3355,29 +3513,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3385,7 +3543,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3395,59 +3553,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3456,77 +3614,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3534,7 +3692,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3543,17 +3701,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3561,34 +3719,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3596,32 +3754,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3631,34 +3789,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3667,19 +3825,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3687,24 +3845,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3713,24 +3871,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3740,14 +3898,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3755,21 +3913,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3777,7 +3935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3786,7 +3944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3795,7 +3953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3803,29 +3961,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3833,12 +3991,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3847,12 +4018,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3860,19 +4031,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3889,7 +4060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3897,17 +4068,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3916,7 +4087,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3926,7 +4097,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3946,12 +4117,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3959,73 +4130,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4033,17 +4204,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4052,17 +4223,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4070,17 +4241,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4088,17 +4259,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4109,69 +4280,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4184,7 +4355,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4192,7 +4363,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4201,55 +4372,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4258,17 +4429,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4276,26 +4447,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4304,17 +4475,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4324,7 +4495,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4333,59 +4504,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4393,14 +4564,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4408,7 +4579,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4416,12 +4587,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4451,7 +4622,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4460,7 +4631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4468,7 +4639,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4479,7 +4650,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4493,7 +4664,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4643,7 +4814,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -4815,25 +4986,30 @@ msgstr "" msgid "Default: password" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4842,24 +5018,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4867,7 +5043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4876,12 +5052,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4889,7 +5065,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4899,7 +5075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4909,34 +5085,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -4944,22 +5120,32 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +msgid "ldap_iphost_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +msgid "ldap_ipnetwork_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4967,7 +5153,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4975,12 +5161,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4988,12 +5174,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5004,12 +5190,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5018,12 +5204,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5032,34 +5218,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 -msgid "Default: 900 (15 minutes)" +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 +msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +msgid "ldap_connection_expire_offset (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5067,14 +5272,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5082,17 +5287,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5102,12 +5307,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5115,17 +5320,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +msgid "ldap_sasl_maxssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5133,7 +5351,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5144,7 +5362,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5153,7 +5371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5161,26 +5379,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5188,7 +5406,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5196,7 +5414,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5204,41 +5422,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5247,32 +5465,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5280,24 +5498,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5305,17 +5523,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5326,24 +5544,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5354,12 +5572,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5372,7 +5590,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5384,17 +5602,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5402,49 +5620,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5452,28 +5670,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5485,7 +5703,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5493,7 +5711,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5501,39 +5719,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5543,7 +5761,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5551,26 +5769,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5578,7 +5796,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5586,31 +5804,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5619,56 +5837,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5684,12 +5902,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5698,14 +5916,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5714,24 +5932,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5739,19 +5957,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5760,7 +5978,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5768,7 +5986,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5777,7 +5995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5785,22 +6003,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5810,14 +6028,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5830,12 +6048,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5845,7 +6063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5855,63 +6073,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5920,74 +6138,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5998,7 +6216,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6006,24 +6224,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6040,12 +6258,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6053,36 +6271,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6090,14 +6308,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6107,101 +6325,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6210,59 +6428,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6271,22 +6489,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6295,14 +6513,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6310,7 +6528,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6323,27 +6541,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6359,13 +6577,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6505,142 +6723,392 @@ msgid "<option>domains</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:152 -msgid "" -"Allows the administrator to restrict the domains a particular PAM service is " -"allowed to authenticate against. The format is a comma-separated list of " -"SSSD domain names, as specified in the sssd.conf file." +#: pam_sss.8.xml:152 +msgid "" +"Allows the administrator to restrict the domains a particular PAM service is " +"allowed to authenticate against. The format is a comma-separated list of " +"SSSD domain names, as specified in the sssd.conf file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:158 +msgid "" +"NOTE: Must be used in conjunction with the <quote>pam_trusted_users</quote> " +"and <quote>pam_public_domains</quote> options. Please see the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> manual page for more information on these two PAM " +"responder options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:172 +msgid "<option>allow_missing_name</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:176 +msgid "" +"The main purpose of this option is to let SSSD determine the user name based " +"on additional information, e.g. the certificate from a Smartcard." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> +#: pam_sss.8.xml:186 +#, no-wrap +msgid "" +"auth sufficient pam_sss.so allow_missing_name\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:181 +msgid "" +"The current use case are login managers which can monitor a Smartcard reader " +"for card events. In case a Smartcard is inserted the login manager will call " +"a PAM stack which includes a line like <placeholder type=\"programlisting\" " +"id=\"0\"/> In this case SSSD will try to determine the user name based on " +"the content of the Smartcard, returns it to pam_sss which will finally put " +"it on the PAM stack." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:196 +msgid "<option>prompt_always</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:200 +msgid "" +"Always prompt the user for credentials. With this option credentials " +"requested by other PAM modules, typically a password, will be ignored and " +"pam_sss will prompt for credentials again. Based on the pre-auth reply by " +"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:158 -msgid "" -"NOTE: Must be used in conjunction with the <quote>pam_trusted_users</quote> " -"and <quote>pam_public_domains</quote> options. Please see the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more information on these two PAM " -"responder options." +#: pam_sss.8.xml:390 +msgid "The user account has expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:172 -msgid "<option>allow_missing_name</option>" +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:176 -msgid "" -"The main purpose of this option is to let SSSD determine the user name based " -"on additional information, e.g. the certificate from a Smartcard." +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> -#: pam_sss.8.xml:186 -#, no-wrap -msgid "" -"auth sufficient pam_sss.so allow_missing_name\n" -" " +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:181 -msgid "" -"The current use case are login managers which can monitor a Smartcard reader " -"for card events. In case a Smartcard is inserted the login manager will call " -"a PAM stack which includes a line like <placeholder type=\"programlisting\" " -"id=\"0\"/> In this case SSSD will try to determine the user name based on " -"the content of the Smartcard, returns it to pam_sss which will finally put " -"it on the PAM stack." +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:196 -msgid "<option>prompt_always</option>" +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:200 +#: pam_sss.8.xml:414 msgid "" -"Always prompt the user for credentials. With this option credentials " -"requested by other PAM modules, typically a password, will be ignored and " -"pam_sss will prompt for credentials again. Based on the pre-auth reply by " -"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " -"credentials." +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 -msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6648,7 +7116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6660,7 +7128,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7055,168 +7523,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7224,62 +7705,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7287,17 +7768,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7306,129 +7787,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7439,12 +7920,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7452,7 +7933,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7464,7 +7945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7473,7 +7954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7483,12 +7964,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7496,40 +7977,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7537,19 +8018,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7559,17 +8040,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7577,19 +8058,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7597,19 +8078,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7617,12 +8098,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7630,19 +8111,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7650,116 +8131,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7769,12 +8250,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7895,7 +8376,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7910,7 +8391,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7925,12 +8406,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -7951,12 +8432,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -7980,17 +8461,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -7998,7 +8479,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8008,7 +8489,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8025,7 +8506,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8038,12 +8519,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8062,60 +8543,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8229,26 +8710,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8267,7 +8748,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8404,6 +8885,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8576,7 +9058,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8586,88 +9068,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8681,7 +9163,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8689,7 +9171,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8914,25 +9396,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8943,12 +9427,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -8957,7 +9441,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -8966,7 +9450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -8975,14 +9459,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -8995,7 +9479,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9004,7 +9488,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9022,24 +9506,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9048,7 +9532,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9057,12 +9541,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9072,7 +9556,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9081,16 +9565,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9100,21 +9584,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9124,15 +9608,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9147,23 +9623,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9171,22 +9647,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9197,12 +9673,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9212,12 +9688,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9225,12 +9701,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9246,14 +9722,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9261,7 +9737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9273,42 +9749,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9324,7 +9800,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9332,7 +9808,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9340,7 +9816,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9352,22 +9828,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9383,7 +9859,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9391,7 +9867,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9399,7 +9875,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9411,22 +9887,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9441,14 +9917,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9456,7 +9932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9468,23 +9944,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9500,14 +9976,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9515,7 +9991,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9526,19 +10002,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9546,7 +10022,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9558,29 +10034,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9588,12 +10064,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9606,57 +10082,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9664,17 +10140,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9684,12 +10160,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +msgid "ad_use_ldaps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9700,19 +10206,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9722,12 +10228,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9735,7 +10241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9750,7 +10256,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9759,7 +10265,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9767,7 +10273,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9777,7 +10283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10819,7 +11325,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -15655,6 +16161,100 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +msgid "ldap_iphost_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +msgid "Default: ipHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +msgid "ldap_iphost_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +msgid "ldap_iphost_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +msgid "Default: ipHostNumber" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +msgid "ldap_ipnetwork_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +msgid "Default: ipNetwork" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +msgid "ldap_ipnetwork_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +msgid "ldap_ipnetwork_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +msgid "Default: ipNetworkNumber" +msgstr "" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15801,8 +16401,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16459,40 +17059,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16774,7 +17381,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> diff --git a/src/man/po/fi.po b/src/man/po/fi.po index 34eec244aa..d43a93b202 100644 --- a/src/man/po/fi.po +++ b/src/man/po/fi.po @@ -1,9 +1,9 @@ # Toni Rantala <trantalafilo@gmail.com>, 2017. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2017-03-24 08:46+0000\n" "Last-Translator: Toni Rantala <trantalafilo@gmail.com>\n" "Language-Team: Finnish\n" @@ -288,10 +288,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Oletus:tosi" @@ -310,21 +310,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Oletus:epätosi" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -348,8 +349,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -364,7 +365,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "" @@ -444,7 +445,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "" @@ -464,12 +465,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -477,39 +478,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "käyttäjänimi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -518,7 +519,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" @@ -647,8 +648,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -757,10 +758,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: false" msgid "Default: sha256" -msgstr "Oletus:epätosi" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -871,12 +870,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -960,8 +959,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1037,7 +1036,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1097,8 +1096,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1175,7 +1174,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "" @@ -1193,7 +1192,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "" @@ -1703,7 +1702,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1716,7 +1715,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1730,7 +1729,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1793,8 +1792,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1859,8 +1858,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1872,64 +1871,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1937,7 +1936,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1949,63 +1948,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2013,12 +2012,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2029,15 +2028,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2045,7 +2044,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2053,13 +2052,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: not set" +msgid "Default: no_session" +msgstr "Oletus: ei asetettu" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2070,24 +2125,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2097,22 +2152,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2120,51 +2175,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2173,12 +2228,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2188,38 +2243,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -#, fuzzy -#| msgid "Default: not set (spaces will not be replaced)" -msgid "Default: not set, all found rules are used" -msgstr "Oletus: ei asetettu(välilyöntejä ei korvata)" +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 +msgid "" +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2230,7 +2307,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2241,24 +2318,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2266,12 +2343,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2280,24 +2357,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2307,66 +2384,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2374,17 +2451,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2392,7 +2469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2400,22 +2477,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2424,14 +2501,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2440,38 +2517,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2480,24 +2557,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2506,29 +2583,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2542,14 +2619,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2558,39 +2635,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2599,19 +2676,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2622,115 +2699,143 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "enum_cache_timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "enum_cache_timeout (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "enum_cache_timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "enum_cache_timeout (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2739,42 +2844,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2782,24 +2899,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2808,17 +2925,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2827,34 +2944,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2862,7 +2979,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2870,8 +2987,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2880,8 +2997,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2889,19 +3006,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2910,7 +3027,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2918,22 +3035,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2945,7 +3064,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2953,19 +3072,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2973,7 +3092,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2981,35 +3100,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3017,19 +3136,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3038,7 +3157,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3046,29 +3165,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3076,7 +3195,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3084,35 +3203,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3120,32 +3239,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3156,7 +3275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3165,12 +3284,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3178,7 +3297,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3186,31 +3305,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3218,7 +3337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3227,17 +3346,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3245,43 +3364,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3289,7 +3408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3297,7 +3416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3305,24 +3424,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3330,12 +3449,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +msgid "resolver_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3345,7 +3505,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3354,29 +3514,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3384,7 +3544,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3394,59 +3554,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3455,77 +3615,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3533,7 +3693,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3542,17 +3702,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3560,34 +3720,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3597,32 +3757,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Esimerkki: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3632,34 +3792,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3668,19 +3828,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3688,24 +3848,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3714,24 +3874,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3741,14 +3901,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3756,21 +3916,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3778,7 +3938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3787,7 +3947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3796,7 +3956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3804,29 +3964,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3834,12 +3994,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3848,12 +4021,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3861,19 +4034,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3890,7 +4063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3898,17 +4071,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3917,7 +4090,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3927,7 +4100,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3947,12 +4120,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3960,73 +4133,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4034,17 +4207,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4053,17 +4226,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4071,17 +4244,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4089,17 +4262,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4110,69 +4283,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4185,7 +4358,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4193,7 +4366,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4202,55 +4375,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4259,17 +4432,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4277,26 +4450,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4305,17 +4478,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4325,7 +4498,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4334,59 +4507,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4394,14 +4567,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4409,7 +4582,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4417,12 +4590,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4452,7 +4625,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4461,7 +4634,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4469,7 +4642,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4480,7 +4653,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4494,7 +4667,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4644,7 +4817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -4816,25 +4989,30 @@ msgstr "" msgid "Default: password" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4843,24 +5021,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4868,7 +5046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4877,12 +5055,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4890,7 +5068,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4900,7 +5078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4910,34 +5088,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -4945,22 +5123,32 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +msgid "ldap_iphost_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +msgid "ldap_ipnetwork_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4968,7 +5156,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4976,12 +5164,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4989,12 +5177,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5005,12 +5193,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5019,12 +5207,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5033,34 +5221,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +msgid "ldap_connection_expire_offset (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5068,14 +5275,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5083,17 +5290,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5103,12 +5310,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5116,17 +5323,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +msgid "ldap_sasl_maxssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5134,7 +5354,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5145,7 +5365,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5154,7 +5374,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5162,26 +5382,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5189,7 +5409,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5197,7 +5417,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5205,41 +5425,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5248,32 +5468,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5281,24 +5501,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5306,17 +5526,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5327,24 +5547,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5355,12 +5575,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5373,7 +5593,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5385,17 +5605,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5403,49 +5623,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5453,28 +5673,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5486,7 +5706,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5494,7 +5714,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5502,39 +5722,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5544,7 +5764,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5552,26 +5772,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5579,7 +5799,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5587,31 +5807,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5620,56 +5840,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5685,12 +5905,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5699,14 +5919,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5715,24 +5935,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5740,19 +5960,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5761,7 +5981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5769,7 +5989,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5778,7 +5998,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5786,22 +6006,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5811,14 +6031,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5831,12 +6051,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5846,7 +6066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5856,63 +6076,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5921,74 +6141,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5999,7 +6219,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6007,24 +6227,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6041,12 +6261,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6054,36 +6274,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6091,14 +6311,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6108,101 +6328,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6211,59 +6431,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6272,22 +6492,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6296,14 +6516,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6311,7 +6531,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6324,27 +6544,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6360,13 +6580,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6544,104 +6764,354 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:181 -msgid "" -"The current use case are login managers which can monitor a Smartcard reader " -"for card events. In case a Smartcard is inserted the login manager will call " -"a PAM stack which includes a line like <placeholder type=\"programlisting\" " -"id=\"0\"/> In this case SSSD will try to determine the user name based on " -"the content of the Smartcard, returns it to pam_sss which will finally put " -"it on the PAM stack." +#: pam_sss.8.xml:181 +msgid "" +"The current use case are login managers which can monitor a Smartcard reader " +"for card events. In case a Smartcard is inserted the login manager will call " +"a PAM stack which includes a line like <placeholder type=\"programlisting\" " +"id=\"0\"/> In this case SSSD will try to determine the user name based on " +"the content of the Smartcard, returns it to pam_sss which will finally put " +"it on the PAM stack." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:196 +msgid "<option>prompt_always</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:200 +msgid "" +"Always prompt the user for credentials. With this option credentials " +"requested by other PAM modules, typically a password, will be ignored and " +"pam_sss will prompt for credentials again. Based on the pre-auth reply by " +"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +msgid "The user account has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:196 -msgid "<option>prompt_always</option>" +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:200 +#: pam_sss.8.xml:414 msgid "" -"Always prompt the user for credentials. With this option credentials " -"requested by other PAM modules, typically a password, will be ignored and " -"pam_sss will prompt for credentials again. Based on the pre-auth reply by " -"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " -"credentials." +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 -msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6649,7 +7119,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6661,7 +7131,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7056,168 +7526,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7225,62 +7708,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7288,17 +7771,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7307,129 +7790,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7440,12 +7923,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7453,7 +7936,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7465,7 +7948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7474,7 +7957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7484,12 +7967,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7497,40 +7980,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7538,19 +8021,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7560,17 +8043,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7578,19 +8061,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7598,19 +8081,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7618,12 +8101,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7631,19 +8114,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7651,116 +8134,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7770,12 +8253,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7896,7 +8379,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7911,7 +8394,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7926,12 +8409,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -7952,12 +8435,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -7981,17 +8464,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -7999,7 +8482,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8009,7 +8492,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8026,7 +8509,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8039,12 +8522,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8063,60 +8546,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8230,26 +8713,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8268,7 +8751,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8405,6 +8888,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8577,7 +9061,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8587,88 +9071,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8682,7 +9166,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8690,7 +9174,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8915,25 +9399,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8944,12 +9430,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -8958,7 +9444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -8967,7 +9453,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -8976,14 +9462,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -8996,7 +9482,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9005,7 +9491,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9023,24 +9509,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9049,7 +9535,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9058,12 +9544,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9073,7 +9559,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9082,16 +9568,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9101,21 +9587,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9125,15 +9611,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9148,23 +9626,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9172,22 +9650,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9198,12 +9676,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9213,12 +9691,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9226,12 +9704,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9247,14 +9725,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9262,7 +9740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9274,42 +9752,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9325,7 +9803,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9333,7 +9811,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9341,7 +9819,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9353,22 +9831,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9384,7 +9862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9392,7 +9870,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9400,7 +9878,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9412,22 +9890,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9442,14 +9920,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9457,7 +9935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9469,23 +9947,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9501,14 +9979,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9516,7 +9994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9527,19 +10005,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9547,7 +10025,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9559,29 +10037,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9589,12 +10067,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9607,57 +10085,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9665,17 +10143,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9685,12 +10163,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +#, fuzzy +#| msgid "debug_timestamps (bool)" +msgid "ad_use_ldaps (bool)" +msgstr "debug_timestamps (bool)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9701,19 +10211,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9723,12 +10233,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9736,7 +10246,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9751,7 +10261,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9760,7 +10270,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9768,7 +10278,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9778,7 +10288,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10820,7 +11330,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -13870,10 +14380,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_ccaches (integer)" -msgstr "enum_cache_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -13887,10 +14395,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_uid_ccaches (integer)" -msgstr "enum_cache_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -13901,17 +14407,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: true" msgid "Default: 64" -msgstr "Oletus:tosi" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_ccache_size (integer)" -msgstr "enum_cache_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -13922,10 +14424,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: true" msgid "Default: 65536" -msgstr "Oletus:tosi" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -15666,6 +16166,108 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +msgid "ldap_iphost_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: not set" +msgid "Default: ipHost" +msgstr "Oletus: ei asetettu" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +msgid "ldap_iphost_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +msgid "ldap_iphost_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipHostNumber" +msgstr "Oletus:tosi" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +msgid "ldap_ipnetwork_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipNetwork" +msgstr "Oletus:tosi" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +msgid "ldap_ipnetwork_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +msgid "ldap_ipnetwork_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipNetworkNumber" +msgstr "Oletus:tosi" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15812,8 +16414,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16470,40 +17072,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16785,7 +17394,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> diff --git a/src/man/po/fr.po b/src/man/po/fr.po index adea5d1a68..9c67508368 100644 --- a/src/man/po/fr.po +++ b/src/man/po/fr.po @@ -14,9 +14,9 @@ # Jérôme Fenal <jfenal@gmail.com>, 2016. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:09+0200\n" "PO-Revision-Date: 2016-03-19 03:04+0000\n" "Last-Translator: Jean-Baptiste Holcroft <jean-baptiste@holcroft.fr>\n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" @@ -337,10 +337,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Par défaut : true" @@ -362,21 +362,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Par défaut : false" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -400,8 +401,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Par défaut : 10" @@ -416,7 +417,7 @@ msgid "The [sssd] section" msgstr "La section [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "Paramètres de sections" @@ -505,7 +506,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "re_expression (chaîne)" @@ -527,12 +528,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "full_name_format (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -544,33 +545,33 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "nom d'utilisateur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" "nom de domaine tel qu'indiqué dans le fichier de configuration de SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -580,7 +581,7 @@ msgstr "" "d'approbation IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -590,8 +591,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 +#, fuzzy +#| msgid "" +#| "Each domain can have an individual format string configured. see DOMAIN " +#| "SECTIONS for more info on this option." msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" "Chaque domaine peut avoir une chaîne de format individuelle configurée. " @@ -599,10 +604,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 -#, fuzzy -#| msgid "krb5_use_kdcinfo (boolean)" msgid "monitor_resolv_conf (boolean)" -msgstr "krb5_use_kdcinfo (booléen)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 @@ -618,21 +621,11 @@ msgstr "try_inotify (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:338 -#, fuzzy -#| msgid "" -#| "SSSD monitors the state of resolv.conf to identify when it needs to " -#| "update its internal DNS resolver. By default, we will attempt to use " -#| "inotify for this, and will fall back to polling resolv.conf every five " -#| "seconds if inotify cannot be used." msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " "be used." msgstr "" -"SSSD gère l'état de resolv.conf pour identifier les besoins de mise à jour " -"des résolutions DNS internes. Par défaut, l'utilisation de inotify sera " -"tentée, et reviendra à une interrogation de resolv.conf toutes les cinq " -"secondes si inotify échoue." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:344 @@ -742,13 +735,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:420 -#, fuzzy -#| msgid "" -#| "Please note that if this option is set all users from the primary domain " -#| "have to use their fully qualified name, e.g. user@domain.name, to log in. " -#| "Setting this option changes default of use_fully_qualified_names to True. " -#| "It is not allowed to use this option together with " -#| "use_fully_qualified_names set to False." msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -759,16 +745,10 @@ msgid "" "nss_files and therefore their output is not qualified even when the " "default_domain_suffix option is used." msgstr "" -"Noter que, si cette option est définie, tous les utilisateurs du domaine " -"principal doivent utiliser leur nom pleinement qualifié, par exemple " -"user@domain.name, pour se connecter. L'utilisation de cette option modifie " -"la valeur par défaut de use_fully_qualified_names à True. Il n'est pas " -"possible ni autorisé d'utiliser cette option avec l'option " -"use_fully_qualified_names à False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -883,10 +863,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 5" msgid "Default: sha256" -msgstr "Par défaut : 5" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -997,12 +975,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -1086,8 +1064,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "Par défaut : non défini" @@ -1178,7 +1156,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "Par défaut : 60" @@ -1238,8 +1216,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "Par défaut : 300" @@ -1333,7 +1311,7 @@ msgstr "" "de non réponse à moins de 10 secondes (0 pour désactiver l'option)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "Par défaut : 50" @@ -1355,7 +1333,7 @@ msgstr "" "appel au moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "Par défaut : 15" @@ -1934,7 +1912,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "Afficher une alerte N jours avant l'expiration du mot de passe." @@ -1950,7 +1928,7 @@ msgstr "" "ne peut afficher de message d'alerte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1969,7 +1947,7 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "Par défaut : 0" @@ -2037,8 +2015,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "Par défaut : aucun" @@ -2103,8 +2081,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Par défaut : False" @@ -2116,64 +2094,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2181,7 +2159,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2193,63 +2171,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2257,12 +2235,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2273,15 +2251,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2289,7 +2267,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2297,13 +2275,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: none" +msgid "Default: no_session" +msgstr "Par défaut : aucun" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "Options de configuration de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2320,12 +2354,12 @@ msgstr "" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "sudo_timed (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2334,12 +2368,12 @@ msgstr "" "les entrées sudoers sensibles au temps." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2349,22 +2383,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "Options de configuration AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "Ces options peuvent être utilisées pour configurer le service autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2376,23 +2410,23 @@ msgstr "" "moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "Options de configuration SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le service SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2400,12 +2434,12 @@ msgstr "" "Condenser ou non les noms de systèmes et adresses du fichier known_hosts" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2414,17 +2448,17 @@ msgstr "" "known_hosts géré après que ses clés de système ont été demandés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "Par défaut : 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2433,14 +2467,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 -#, fuzzy -#| msgid "ldap_user_certificate (string)" +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" -msgstr "ldap_user_certificate (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2450,38 +2482,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -#, fuzzy -#| msgid "Default: not set (spaces will not be replaced)" -msgid "Default: not set, all found rules are used" -msgstr "Par défaut : non défini (les espaces ne seront pas remplacées)" +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 +msgid "" +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2492,7 +2546,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2503,7 +2557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2512,19 +2566,19 @@ msgstr "" "ajouté à ces groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le répondeur " "PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2535,14 +2589,14 @@ msgstr "" "seront résolus en UID au démarrage." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur " "PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2555,24 +2609,24 @@ msgstr "" "0 à la liste des UID d'utilisateurs autorisés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2582,66 +2636,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2649,17 +2703,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2667,7 +2721,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2675,22 +2729,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "SECTIONS DOMAINES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2699,14 +2753,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2715,31 +2769,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2748,7 +2802,7 @@ msgstr "" "dehors de ces limites, elle est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2761,7 +2815,7 @@ msgstr "" "qui sont dans la plage seront rapportés comme prévu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2770,17 +2824,17 @@ msgstr "" "pas seulement leur recherche par nom ou identifiant." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Default: 1 for min_id, 0 (no limit) for max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "enumerate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2789,29 +2843,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = utilisateurs et groupes sont énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = aucune énumération pour ce domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "Par défaut : FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2825,7 +2879,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2835,7 +2889,7 @@ msgstr "" "l'énumération ne se termine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2849,7 +2903,7 @@ msgstr "" "fournisseur d'identité spécifique utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2858,32 +2912,32 @@ msgstr "" "déconseillée, surtout dans les environnements de grande taille." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "Tous les domaines approuvés découverts seront énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "Aucun domaine approuvé découvert ne sera énuméré" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2897,12 +2951,12 @@ msgstr "" "activer l'énumération pour ces seuls domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2911,7 +2965,7 @@ msgstr "" "comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2929,17 +2983,17 @@ msgstr "" "rafraîchissement des entrées qui sont déjà en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "Par défaut : 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2948,19 +3002,19 @@ msgstr "" "d'utilisateurs comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "Par défaut : entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2969,12 +3023,12 @@ msgstr "" "groupes comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2983,12 +3037,12 @@ msgstr "" "netgroup comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2997,12 +3051,32 @@ msgstr "" "service valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "entry_cache_user_timeout (entier)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider user entries valid before asking " +#| "the backend again" +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" +"La durée en secondes pendant laquelle nss_sss doit considérer les entrées " +"d'utilisateurs comme valides avant de les redemander au moteur." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -3011,12 +3085,12 @@ msgstr "" "valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -3025,12 +3099,12 @@ msgstr "" "cartes d'automontage comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -3039,12 +3113,32 @@ msgstr "" "rafraichissement. I.e. combien de temps mettre la clé en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "entry_cache_user_timeout (entier)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider entries valid before asking the " +#| "backend again" +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" +"La durée en secondes pendant laquelle nss_sss doit considérer les entrées " +"comme valides avant de les redemander au moteur" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -3054,7 +3148,7 @@ msgstr "" "enregistrements expirés ou sur le point de l'être." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3063,47 +3157,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Il est envisageable de configurer cette valeur à 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Par défaut : 0 (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "cache_credentials (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Détermine si les données d'identification de l'utilisateur sont aussi mis en " "cache dans le cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Les informations d'identification utilisateur sont stockées dans une table " "de hachage SHA512, et non en texte brut" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3111,24 +3217,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "Par défaut : 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3141,17 +3247,17 @@ msgstr "" "paramètre doit être supérieur ou égal à offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "Par défaut : 0 (illimité)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3164,17 +3270,17 @@ msgstr "" "fournisseur oauth doit être configuré pour le moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "id_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3182,18 +3288,18 @@ msgstr "" "d'identification pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3201,7 +3307,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3213,8 +3319,8 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3227,8 +3333,8 @@ msgstr "" "configuration de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3240,12 +3346,12 @@ msgstr "" "d'Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3255,7 +3361,7 @@ msgstr "" "communiqué à NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3269,7 +3375,7 @@ msgstr "" "trouve." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3281,22 +3387,26 @@ msgstr "" "qualifié sera demandé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +#, fuzzy +#| msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "Par défaut : false (true si default_domain_suffix est utilisée)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "Ne pas envoyer les membres des groupes sur les recherches de groupes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3308,7 +3418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3316,12 +3426,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "auth_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3330,7 +3440,7 @@ msgstr "" "pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3342,7 +3452,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3353,7 +3463,7 @@ msgstr "" "citerefentry> pour plus d'informations sur la configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3361,18 +3471,18 @@ msgstr "" "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" "<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> désactive l'authentification explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3381,12 +3491,12 @@ msgstr "" "gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "access_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3397,7 +3507,7 @@ msgstr "" "installés). Les fournisseurs internes spécifiques sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3406,12 +3516,12 @@ msgstr "" "d'accès autorisé pour un domaine local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> toujours refuser les accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3424,7 +3534,7 @@ msgstr "" "d'informations sur la configuration du module d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3432,22 +3542,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "chpass_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3456,7 +3566,7 @@ msgstr "" "domaine. Les fournisseurs pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3464,7 +3574,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3476,7 +3586,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3484,14 +3594,14 @@ msgstr "" "autre cible PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> pour désactiver explicitement le changement de mot de " "passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3500,19 +3610,19 @@ msgstr "" "peut gérer les changements de mot de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "sudo_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en " "charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3524,7 +3634,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3533,7 +3643,7 @@ msgstr "" "par défaut pour IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3542,20 +3652,20 @@ msgstr "" "par défaut pour AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> désactive explicitement SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle " "est définie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3566,7 +3676,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3575,12 +3685,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3591,7 +3701,7 @@ msgstr "" "fournisseur d'accès. Les fournisseurs selinux pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3603,14 +3713,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> n'autorise pas la récupération explicite des paramètres " "selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3619,12 +3729,12 @@ msgstr "" "gérer le chargement selinux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "subdomains_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3634,7 +3744,7 @@ msgstr "" "fournisseurs de sous-domaine pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3646,7 +3756,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3655,18 +3765,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> désactive la récupération explicite des sous-domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3674,37 +3784,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "autofs_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3712,7 +3822,7 @@ msgstr "" "en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3724,7 +3834,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3736,7 +3846,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3744,17 +3854,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> désactive explicitement autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "hostid_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3763,7 +3873,7 @@ msgstr "" "systèmes. Les fournisseurs de hostid pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3775,12 +3885,82 @@ msgstr "" "configuration de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> désactive explicitement hostid." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "sudo_provider (string)" +msgid "resolver_provider (string)" +msgstr "sudo_provider (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +#, fuzzy +#| msgid "" +#| "The provider which should handle change password operations for the " +#| "domain. Supported change password providers are:" +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" +"Le fournisseur qui doit gérer le changement des mots de passe pour le " +"domaine. Les fournisseurs pris en charge sont :" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" +"<quote>ldap</quote> pour charger les cartes stockées dans LDAP. Cf. " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> pour plus d'informations sur la configuration de " +"LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" +"<quote>ldap</quote> pour charger les cartes stockées dans LDAP. Cf. " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> pour plus d'informations sur la configuration de " +"LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +#, fuzzy +#| msgid "<quote>none</quote> disallows fetching subdomains explicitly." +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" +"<quote>none</quote> désactive la récupération explicite des sous-domaines." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3796,7 +3976,7 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3809,22 +3989,22 @@ msgstr "" "styles différents pour les noms d'utilisateurs :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3834,7 +4014,7 @@ msgstr "" "utilisateurs de domaines Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3845,7 +4025,7 @@ msgstr "" "importe le domaine après »" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3855,17 +4035,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Par défaut : <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "lookup_family_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3874,48 +4054,48 @@ msgstr "" "utiliser pour effectuer les requêtes DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "Valeurs prises en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, " "essayer IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter " "IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "Par défaut : ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3924,25 +4104,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Par défaut : 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3951,54 +4131,54 @@ msgstr "" "du domaine faisant partie de la requête DNS de découverte de services." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Par défaut : utiliser la partie du domaine qui est dans le nom de système de " "la machine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "override_gid (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "Redéfinit le GID primaire avec la valeur spécifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "case_sensitive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "Insensible à la casse." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4010,7 +4190,7 @@ msgstr "" "sortie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -4019,17 +4199,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "Par défaut : true (false pour le fournisseur AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4037,34 +4217,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4074,32 +4254,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "nom plat (NetBIOS) d'un sous-domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4115,7 +4295,7 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -4123,17 +4303,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Par défaut : <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "realmd_tags (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -4141,12 +4321,12 @@ msgstr "" "ce domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4155,19 +4335,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4175,24 +4355,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4201,24 +4381,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4228,14 +4408,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4243,21 +4423,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4265,7 +4445,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4274,7 +4454,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4283,7 +4463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4295,17 +4475,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "Le proxy cible duquel PAM devient mandataire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4314,12 +4494,12 @@ msgstr "" "ou en créer une nouvelle et ajouter le nom de service ici." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4330,31 +4510,54 @@ msgstr "" "$(libName)_$(function), par exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 -msgid "proxy_fast_alias (boolean)" -msgstr "proxy_fast_alias (boolean)" +#: sssd.conf.5.xml:3419 +#, fuzzy +#| msgid "proxy_lib_name (string)" +msgid "proxy_resolver_lib_name (string)" +msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3422 +#, fuzzy +#| msgid "" +#| "The name of the NSS library to use in proxy domains. The NSS functions " +#| "searched for in the library are in the form of _nss_$(libName)_" +#| "$(function), for example _nss_files_getpwent." msgid "" -"When a user or group is looked up by name in the proxy provider, a second " -"lookup by ID is performed to \"canonicalize\" the name in case the requested " -"name was an alias. Setting this option to true would cause the SSSD to " -"perform the ID lookup from cache for performance reasons." +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." msgstr "" -"Quand un utilisateur ou un groupe est recherché par son nom dans le " -"fournisseur proxy, une deuxième recherche par ID est effectuée pour " -"récupérer le nom canonique, dans le cas où le nom demandé serait un alias. " +"Le nom de la bibliothèque NSS à utiliser dans les domaines proxy. Les " +"recherches de fonctions NSS dans la bibliothèque sont sous la forme _nss_" +"$(libName)_$(function), par exemple _nss_files_getpwent." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 +msgid "proxy_fast_alias (boolean)" +msgstr "proxy_fast_alias (boolean)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3436 +msgid "" +"When a user or group is looked up by name in the proxy provider, a second " +"lookup by ID is performed to \"canonicalize\" the name in case the requested " +"name was an alias. Setting this option to true would cause the SSSD to " +"perform the ID lookup from cache for performance reasons." +msgstr "" +"Quand un utilisateur ou un groupe est recherché par son nom dans le " +"fournisseur proxy, une deuxième recherche par ID est effectuée pour " +"récupérer le nom canonique, dans le cas où le nom demandé serait un alias. " "Cette option positionnée à true active la recherche par l'ID dans le cache " "afin d'améliorer les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4362,7 +4565,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4371,12 +4574,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4393,7 +4596,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4401,17 +4604,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4420,7 +4623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4430,7 +4633,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -4450,12 +4653,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "La section du domaine local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4466,29 +4669,29 @@ msgstr "" "dire un domaine qui utilise <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "default_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "L'interpréteur de commandes par défaut pour les utilisateurs créés avec les " "outils en espace utilisateur SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "Par défaut : <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "base_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4497,17 +4700,17 @@ msgstr "" "replaceable> et l'utilisent comme dossier personnel." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "Par défaut : <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "create_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4516,17 +4719,17 @@ msgstr "" "utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "Par défaut : TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "remove_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4535,12 +4738,12 @@ msgstr "" "suppression des utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "homedir_umask (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4551,17 +4754,17 @@ msgstr "" "défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "Par défaut : 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "skel_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4574,17 +4777,17 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "Par défaut : <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "mail_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4595,17 +4798,17 @@ msgstr "" "précisé, la valeur par défaut est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "Par défaut : <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "userdel_cmd (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4616,17 +4819,17 @@ msgstr "" "code en retour de la commande n'est pas pris en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "Par défaut : None, aucune commande lancée" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4637,69 +4840,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4712,7 +4915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4720,7 +4923,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4729,55 +4932,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4786,17 +4989,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4804,26 +5007,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4832,17 +5035,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4852,7 +5055,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4861,59 +5064,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4921,14 +5124,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4936,7 +5139,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4944,12 +5147,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -5003,7 +5206,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5012,7 +5215,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5020,7 +5223,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5031,7 +5234,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5045,7 +5248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -5230,7 +5433,7 @@ msgstr "" "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "Exemples :" @@ -5429,27 +5632,42 @@ msgstr "obfuscated_password" msgid "Default: password" msgstr "Par défaut : password" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" +"Consulter la page de manuel de <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> pour plus d'informations sur le greffon de " +"localisation." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The authentication token of the default bind DN." msgstr "" -"Le jeton d'authentification pour le DN de connexion par défaut. Seuls les " -"mots de passe en clair sont actuellement pris en charge." +"Le type de jeton d'authentification pour le DN de connexion par défaut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5462,12 +5680,12 @@ msgstr "" "utiliser un nom de domaine en majuscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5476,12 +5694,12 @@ msgstr "" "d'actualiser son cache d\"énumération d'enregistrements." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5492,7 +5710,7 @@ msgstr "" "jamais connectés) et de suppression pour économiser de l'espace." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5501,12 +5719,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5518,7 +5736,7 @@ msgstr "" "schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5528,7 +5746,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5538,12 +5756,12 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "Par défaut : 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -5553,24 +5771,24 @@ msgstr "" "2008 et versions ultérieures." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour héberger " "des objets." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5580,22 +5798,36 @@ msgstr "" "configuration des bases de recherche multiples." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +#, fuzzy +#| msgid "ipa_host_search_base (string)" +msgid "ldap_iphost_search_base (string)" +msgstr "ipa_host_search_base (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +#, fuzzy +#| msgid "ldap_netgroup_search_base (string)" +msgid "ldap_ipnetwork_search_base (string)" +msgstr "ldap_netgroup_search_base (chaînes)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5606,7 +5838,7 @@ msgstr "" "activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5617,12 +5849,12 @@ msgstr "" "différents types de recherches." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5633,12 +5865,12 @@ msgstr "" "résultats mis en cache (et activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5655,12 +5887,12 @@ msgstr "" "citerefentry> rendent la main en cas d'inactivité." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5669,12 +5901,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5687,17 +5919,38 @@ msgstr "" "courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "ldap_connection_expire_timeout (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "ldap_connection_expire_timeout (entier)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -5706,17 +5959,17 @@ msgstr "" "Certains serveurs LDAP imposent une limite maximale par requête." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "Par défaut : 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5728,7 +5981,7 @@ msgstr "" "correctement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -5738,7 +5991,7 @@ msgstr "" "sera impossible de l'utiliser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5749,17 +6002,17 @@ msgstr "" "cela peut entraîner l'échec de certaines demandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "Désactiver la récupération de plage Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5775,12 +6028,12 @@ msgstr "" "apparaissant ainsi sans aucun membre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5791,19 +6044,42 @@ msgstr "" "de cette option sont définies par OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Par défaut : Utiliser la valeur par défaut du système (généralement spécifié " "par ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +#, fuzzy +#| msgid "ldap_sasl_minssf (integer)" +msgid "ldap_sasl_maxssf (integer)" +msgstr "ldap_sasl_minssf (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +#, fuzzy +#| msgid "" +#| "When communicating with an LDAP server using SASL, specify the minimum " +#| "security level necessary to establish the connection. The values of this " +#| "option are defined by OpenLDAP." +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" +"Lors de la communication avec un serveur LDAP en utilisant SASL, spécifie le " +"niveau de sécurité minimal nécessaire pour établir la connexion. Les valeurs " +"de cette option sont définies par OpenLDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5814,7 +6090,7 @@ msgstr "" "membres manquants est inférieur, ils sont recherchés individuellement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5825,7 +6101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5838,7 +6114,7 @@ msgstr "" "acceptés sont 389/RHDS, OpenLDAP et Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5849,12 +6125,12 @@ msgstr "" "déréférencement est désactivée indépendamment de ce paramètre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -5863,7 +6139,7 @@ msgstr "" "session TLS, si elle existe. Une des valeurs suivantes est utilisable :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5872,7 +6148,7 @@ msgstr "" "quelconque certificat du serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5883,7 +6159,7 @@ msgstr "" "certificat est fourni, il est ignoré et la session continue normalement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5894,7 +6170,7 @@ msgstr "" "certificat est fourni, la session se termine immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5905,22 +6181,22 @@ msgstr "" "immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "Par défaut : hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -5929,7 +6205,7 @@ msgstr "" "certification que <command>sssd</command> reconnaîtra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -5938,12 +6214,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5957,32 +6233,32 @@ msgstr "" "corrects." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Définit le fichier qui contient le certificat pour la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "Définit le fichier qui contient la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5990,12 +6266,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6005,12 +6281,12 @@ msgstr "" "canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6022,19 +6298,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Cette fonctionnalité ne prend actuellement en charge que la correspondance " "par objectSID avec Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6054,24 +6330,24 @@ msgstr "" "identifiants." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "Par défaut : non indiqué (les deux options sont à 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6082,12 +6358,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -6100,7 +6376,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6112,17 +6388,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "Par défaut : host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6133,17 +6409,17 @@ msgstr "" "domaine, cette option est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "Par défaut : la valeur de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6152,34 +6428,34 @@ msgstr "" "le nom de l'hôte au cours d'une liaison SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "Défaut : false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6187,28 +6463,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6228,7 +6504,7 @@ msgstr "" "<quote>DÉCOUVERTE DE SERVICES</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6239,7 +6515,7 @@ msgstr "" "comme protocole, et passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6251,29 +6527,29 @@ msgstr "" "l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6283,12 +6559,12 @@ msgstr "" "Kerberos > = 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6303,7 +6579,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6315,12 +6591,12 @@ msgstr "" "localisation." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6329,7 +6605,7 @@ msgstr "" "valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6338,7 +6614,7 @@ msgstr "" "peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6349,7 +6625,7 @@ msgstr "" "manvolnum></citerefentry> pour évaluer si le mot de passe a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6361,7 +6637,7 @@ msgstr "" "est changé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -6370,17 +6646,17 @@ msgstr "" "côté serveur, elle prend le pas sur la politique indiquée avec cette option." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Définit si le déréférencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6389,7 +6665,7 @@ msgstr "" "compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6403,29 +6679,29 @@ msgstr "" "permettre d'améliorer de façon notable les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser quand la découverte de services est " "activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6434,19 +6710,19 @@ msgstr "" "un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Par défaut : non défini, c'est-à-dire que le service de découverte est " "désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -6456,12 +6732,12 @@ msgstr "" "de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6477,12 +6753,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "Exemple :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6494,7 +6770,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -6503,7 +6779,7 @@ msgstr "" "dont l'attribut employeeType est « admin »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6512,17 +6788,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6531,7 +6807,7 @@ msgstr "" "être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6543,12 +6819,12 @@ msgstr "" "correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6557,7 +6833,7 @@ msgstr "" "pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6570,7 +6846,7 @@ msgstr "" "d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6581,7 +6857,7 @@ msgstr "" "l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6594,7 +6870,7 @@ msgstr "" "est autorisé. Si les deux attributs sont manquants, l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6605,24 +6881,24 @@ msgstr "" "ldap_account_expire_policy de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Liste séparées par des virgules des options de contrôles d'accès. Les " "valeurs autorisées sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6632,14 +6908,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6652,12 +6928,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6667,7 +6943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6677,20 +6953,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -6699,32 +6975,32 @@ msgstr "" "authorizedService pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -6733,12 +7009,12 @@ msgstr "" "de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6747,22 +7023,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple : cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "ldap_deref (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -6771,12 +7047,12 @@ msgstr "" "recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -6786,7 +7062,7 @@ msgstr "" "recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -6795,7 +7071,7 @@ msgstr "" "la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -6804,7 +7080,7 @@ msgstr "" "recherche et et la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -6813,12 +7089,12 @@ msgstr "" "bibliothèques clientes LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -6827,7 +7103,7 @@ msgstr "" "LDAP pour les serveurs qui utilisent le schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6845,7 +7121,7 @@ msgstr "" "initgoups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6856,36 +7132,29 @@ msgstr "" "ajoutent les utilisateurs locaux aux groupes LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 -#, fuzzy -#| msgid "" -#| "All of the common configuration options that apply to SSSD domains also " -#| "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " -#| "<placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "All of the common configuration options that apply to SSSD domains also " "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " @@ -6895,19 +7164,14 @@ msgid "" "<refentrytitle>sssd-ldap-attributes</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> manual page. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Toutes les options de configuration communes appliquées aux domaines SSSD " -"s'appliquent aussi aux domaines LDAP. Voir la section des <quote>SECTIONS DE " -"DOMAINE</quote> dans la page de manuel <citerefentry> <refentrytitle>sssd." -"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> pour plus de " -"détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "OPTIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6915,12 +7179,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -6930,7 +7194,7 @@ msgstr "" "règles qui sont stockées sur le serveur)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -6939,17 +7203,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "Par défaut : 21600 (6 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6957,7 +7221,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -6966,7 +7230,7 @@ msgstr "" "modifyTimestamp est utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6976,12 +7240,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -6991,12 +7255,12 @@ msgstr "" "noms de systèmes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7005,7 +7269,7 @@ msgstr "" "doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7014,8 +7278,8 @@ msgstr "" "nom de système et le nom de domaine pleinement qualifié." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7024,17 +7288,17 @@ msgstr "" "emphasis>, alors cette option n'a aucun effet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "Par défaut : non spécifié" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7043,7 +7307,7 @@ msgstr "" "IPv6 qui doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7052,12 +7316,12 @@ msgstr "" "automatiquement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7066,12 +7330,12 @@ msgstr "" "netgroup dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7080,14 +7344,14 @@ msgstr "" "un joker dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7100,59 +7364,59 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "OPTIONS AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "Le nom de la table de montage automatique maîtresse dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "Par défaut : auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "OPTIONS AVANCÉES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7161,22 +7425,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7185,14 +7449,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7203,7 +7467,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7223,27 +7487,27 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7269,13 +7533,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7569,11 +7833,266 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The user's authentication token has expired." +msgstr "" +"Le type de jeton d'authentification pour le DN de connexion par défaut." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +#, fuzzy +#| msgid "Unlock the user account." +msgid "The user account has expired." +msgstr "Déverrouiller le compte utilisateur." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:414 +msgid "" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:464 msgid "FILES" msgstr "FICHIERS" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7585,7 +8104,7 @@ msgstr "" "exemple, contenir les instructions permettant la réinitialisation." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7605,7 +8124,7 @@ msgstr "" "utilisateurs doivent avoir les autorisations en lecture seule." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -8049,168 +8568,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -8218,62 +8750,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -8281,17 +8813,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -8300,129 +8832,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -8433,12 +8965,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -8446,7 +8978,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -8458,7 +8990,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -8467,7 +8999,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -8477,12 +9009,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -8490,40 +9022,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -8531,19 +9063,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -8553,17 +9085,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -8571,19 +9103,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -8591,19 +9123,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -8611,12 +9143,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -8624,19 +9156,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -8644,116 +9176,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -8763,12 +9295,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -8912,7 +9444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booléen)" @@ -8927,7 +9459,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8949,12 +9481,12 @@ msgstr "" "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8981,12 +9513,12 @@ msgid "Default: 1200 (seconds)" msgstr "Par défaut : 1200 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9014,17 +9546,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9032,7 +9564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -9042,7 +9574,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "Active les sites DNS - découverte de service basée sur l'emplacement" @@ -9067,7 +9599,7 @@ msgstr "" "seront utilisés comme serveurs de repli" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (entier)" @@ -9084,12 +9616,12 @@ msgstr "" "configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9114,12 +9646,12 @@ msgid "Default: False (disabled)" msgstr "Par défaut : False (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -9128,48 +9660,48 @@ msgstr "" "communication avec le serveur DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Par défaut : False (laisser nsupdate choisir le protocole)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9295,26 +9827,26 @@ msgstr "" "convertit en DN de base pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9333,7 +9865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "Par défaut : 5 (secondes)" @@ -9476,6 +10008,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "Par défaut : cn" @@ -9662,7 +10195,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -9672,88 +10205,96 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 +#, fuzzy +#| msgid "" +#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " +#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +#| "manvolnum> </citerefentry> manual page for more details." msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" +"Se reporter au paramètre <quote>dns_discovery_domain</quote> dans la page de " +"manuel <citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> pour plus de détails." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -9767,7 +10308,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9778,7 +10319,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -10019,32 +10560,43 @@ msgstr "ad_hostname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 +#, fuzzy +#| msgid "" +#| "Optional. May be set on machines where the hostname(5) does not reflect " +#| "the fully qualified name used in the Active Directory domain to identify " +#| "this host." msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" "Facultatif. Peut être défini sur les machines où le hostname(5) ne reflète " "pas le nom pleinenent qualifié utilisé dans le domaine Active Directory pour " "identifier ce système." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 +#, fuzzy +#| msgid "" +#| "This field is used to determine the host principal in use in the keytab. " +#| "It must match the hostname for which the keytab was issued." msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" "Ce champ est utilisé pour déterminer le principal d'hôte utilisé dans un " "fichier keytab. Elle doit correspondre au nom du système pour lequel a été " "publié un fichier keytab." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -10062,12 +10614,12 @@ msgstr "" "utilisée pendant la découverte de site." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "ad_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -10076,7 +10628,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -10085,7 +10637,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -10094,14 +10646,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -10114,7 +10666,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -10123,7 +10675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -10141,24 +10693,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "ad_site (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -10167,7 +10719,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -10176,12 +10728,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -10191,7 +10743,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -10200,16 +10752,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -10219,21 +10771,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -10243,15 +10795,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -10266,23 +10810,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "Il existe trois valeurs prises en charge pour cette option :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -10290,22 +10834,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "Par défaut : permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -10316,12 +10860,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -10331,12 +10875,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10344,12 +10888,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10365,14 +10909,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10380,7 +10924,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10392,42 +10936,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10443,7 +10987,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10451,7 +10995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10459,7 +11003,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10471,22 +11015,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10502,7 +11046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10510,7 +11054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10518,7 +11062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10530,22 +11074,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10560,14 +11104,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10575,7 +11119,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10587,23 +11131,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10619,14 +11163,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10634,7 +11178,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10645,19 +11189,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10665,7 +11209,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10677,29 +11221,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10707,12 +11251,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10725,57 +11269,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10783,17 +11327,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10803,12 +11347,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +#, fuzzy +#| msgid "ldap_id_use_start_tls (boolean)" +msgid "ad_use_ldaps (bool)" +msgstr "ldap_id_use_start_tls (booléen)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10826,19 +11402,19 @@ msgstr "" "<quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "Par défaut : 3600 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10848,12 +11424,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Par défaut : True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10864,7 +11440,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10888,7 +11464,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10900,7 +11476,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10911,7 +11487,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10921,7 +11497,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -11500,17 +12076,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:259 -#, fuzzy -#| msgid "" -#| "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -#| "debug messages will be sent to stderr." msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in-memory cache." msgstr "" -"Si la variable d'environnement SSSD_KRB5_LOCATOR_DEBUG a une valeur " -"quelconque, des messages de débogage seront envoyés sur la sortie standard " -"d'erreur." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 @@ -12153,9 +12722,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:47 +#, fuzzy +#| msgid "" +#| "This backend also provides access control based on the .k5login file in " +#| "the home directory of the user. See <citerefentry> <refentrytitle>." +#| "k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more " +#| "details. Please note that an empty .k5login file will deny all access to " +#| "this user. To activate this feature, use 'access_provider = krb5' in your " +#| "SSSD configuration." msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -12698,21 +13275,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:524 -#, fuzzy -#| msgid "" -#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" -#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " -#| "more information on the locator plugin." msgid "" "For example <emphasis>10:0</emphasis> means that up to 10 primary servers " "will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> but no backup " "servers." msgstr "" -"Consulter la page de manuel de <citerefentry> " -"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry> pour plus d'informations sur le greffon de " -"localisation." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:533 @@ -15443,26 +16011,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:175 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of the AD provider for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. For a detailed syntax reference, refer to " -#| "the <quote>FILE FORMAT</quote> section of the <citerefentry> " -#| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> manual page." msgid "" "The KCM service is configured in the <quote>kcm</quote> For a detailed " "syntax reference, refer to the <quote>FILE FORMAT</quote> section of the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" -"Cette page de manuel décrit la configuration du fournisseur AD pour " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Pour une référence détaillée sur la syntaxe, cf. la section " -"<quote>FORMAT DE FICHIER</quote> de la page de manuel <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:183 @@ -15491,10 +16045,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_ccaches (integer)" -msgstr "enum_cache_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -15508,10 +16060,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "min_id,max_id (integer)" msgid "max_uid_ccaches (integer)" -msgstr "min_id,max_id (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -15522,17 +16072,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 64" -msgstr "Par défaut : 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "ldap_page_size (integer)" msgid "max_ccache_size (integer)" -msgstr "ldap_page_size (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -15543,10 +16089,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 65536" -msgstr "Par défaut : 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -15747,17 +16291,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:184 -#, fuzzy, no-wrap -#| msgid "" -#| "user_attributes = +telephoneNumber, -loginShell\n" -#| " " +#, no-wrap msgid "" "attr:string\n" "value:string\n" " " msgstr "" -"user_attributes = +telephoneNumber, -loginShell\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:190 @@ -16026,10 +16565,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:439 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_perf.stp" -msgstr "ldap_deref (chaînes)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:442 @@ -16048,28 +16585,16 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap-attributes.5.xml:10 sssd-ldap-attributes.5.xml:16 -#, fuzzy -#| msgid "sssd-ldap" msgid "sssd-ldap-attributes" -msgstr "sssd-ldap" +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap-attributes.5.xml:17 -#, fuzzy -#| msgid "SSSD LDAP provider" msgid "SSSD LDAP Provider: Mapping Attributes" -msgstr "Fournisseur LDAP SSSD" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap-attributes.5.xml:23 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of LDAP domains for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. Refer to the <quote>FILE FORMAT</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " -#| "information." msgid "" "This manual page describes the mapping attributes of SSSD LDAP provider " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -16077,11 +16602,6 @@ msgid "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page " "for full details about SSSD LDAP provider configuration options." msgstr "" -"Ce manuel décrit la configuration des domaines LDAP pour <citerefentry> " -"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </" -"citerefentry>. Se référer à la section <quote>FILE FORMAT</quote> du manuel " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> pour des informations sur la syntaxe détaillée." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:38 @@ -16950,10 +17470,8 @@ msgstr "ldap_group_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:742 -#, fuzzy -#| msgid "ldap_group_name (string)" msgid "ldap_group_type (string)" -msgstr "ldap_group_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:745 @@ -17178,10 +17696,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:968 -#, fuzzy -#| msgid "SERVICES SECTIONS" msgid "SERVICE ATTRIBUTES" -msgstr "SECTIONS DE SERVICES" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:972 @@ -17429,10 +17945,142 @@ msgstr "Par défaut : sudoOrder" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:1177 -#, fuzzy -#| msgid "AUTOFS OPTIONS" msgid "AUTOFS ATTRIBUTES" -msgstr "OPTIONS AUTOFS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +#, fuzzy +#| msgid "ldap_user_object_class (string)" +msgid "ldap_iphost_object_class (string)" +msgstr "ldap_user_object_class (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +#, fuzzy +#| msgid "The object class of a user entry in LDAP." +msgid "The object class of an iphost entry in LDAP." +msgstr "La classe d'objet d'une entrée utilisateur dans LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: host" +msgid "Default: ipHost" +msgstr "Par défaut : host" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "ad_hostname (string)" +msgid "ldap_iphost_name (string)" +msgstr "ad_hostname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" +"L'attribut LDAP qui contient le nom des attributs de service et de leurs " +"alias." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_iphost_number (string)" +msgstr "ldap_user_uid_number (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +#, fuzzy +#| msgid "The LDAP attribute that contains the names of the group's members." +msgid "The LDAP attribute that contains the IP host address." +msgstr "L'attribut LDAP contenant les noms des membres du groupe." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipHostNumber" +msgstr "par défaut : uidNumber" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +#, fuzzy +#| msgid "ldap_netgroup_object_class (string)" +msgid "ldap_ipnetwork_object_class (string)" +msgstr "ldap_netgroup_object_class (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +#, fuzzy +#| msgid "The object class of a netgroup entry in LDAP." +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "La classe d'objet d'une entrée de netgroup dans LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: password" +msgid "Default: ipNetwork" +msgstr "Par défaut : password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "ldap_netgroup_name (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "ldap_netgroup_name (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" +"L'attribut LDAP qui contient le nom des attributs de service et de leurs " +"alias." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_ipnetwork_number (string)" +msgstr "ldap_user_uid_number (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the IP network address." +msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'utilisateur." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipNetworkNumber" +msgstr "par défaut : uidNumber" #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 @@ -17602,8 +18250,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -17734,10 +18382,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 -#, fuzzy -#| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout" -msgstr "dns_resolver_timeout (entier)" +msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 @@ -18384,13 +19030,26 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 +#, fuzzy +#| msgid "" +#| "<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Extremely low-level " +#| "tracing information." +msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" +"<emphasis>9</emphasis>, <emphasis>0x4000</emphasis> : informations de " +"traçage de bas niveau." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." @@ -18399,7 +19058,7 @@ msgstr "" "graves et les données de fonction, utiliser 0x0270." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." @@ -18409,7 +19068,7 @@ msgstr "" "pour les fonctions de contrôle interne, utiliser 0x1310." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." @@ -18418,14 +19077,14 @@ msgstr "" "introduit dans la version 1.7.0." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "<emphasis>Par défaut</emphasis> : 0" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -18741,8 +19400,10 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" -msgstr "" +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech = GSS-SPNEGO" +msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:48 @@ -18899,19 +19560,9 @@ msgstr "" msgid "ldap_group_external_member = ipaExternalMember" msgstr "" -#~ msgid "Default: homeDirectory" -#~ msgstr "Par défaut : homeDirectory" - -#~ msgid "ldap_group_type (integer)" -#~ msgstr "ldap_group_type (entier)" - #~ msgid "" -#~ "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#~ "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -#~ "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -#~ "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" +#~ "The authentication token of the default bind DN. Only clear text " +#~ "passwords are currently supported." #~ msgstr "" -#~ "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#~ "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -#~ "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -#~ "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" +#~ "Le jeton d'authentification pour le DN de connexion par défaut. Seuls les " +#~ "mots de passe en clair sont actuellement pris en charge." diff --git a/src/man/po/ja.po b/src/man/po/ja.po index 5231f970bb..ab10ae3ba0 100644 --- a/src/man/po/ja.po +++ b/src/man/po/ja.po @@ -9,9 +9,9 @@ # Keiko Moriguchi <kemorigu@redhat.com>, 2019. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:09+0200\n" "PO-Revision-Date: 2019-05-28 11:45+0000\n" "Last-Translator: Keiko Moriguchi <kemorigu@redhat.com>\n" "Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/" @@ -321,10 +321,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "初期値: true" @@ -343,21 +343,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "初期値: false" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -381,8 +382,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "初期値: 10" @@ -397,7 +398,7 @@ msgid "The [sssd] section" msgstr "[sssd] セクション" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "セクションのパラメーター" @@ -481,7 +482,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "re_expression (文字列)" @@ -501,12 +502,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "full_name_format (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -517,39 +518,39 @@ msgstr "" "manvolnum> </citerefentry> 互換形式。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "ユーザー名" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "SSSD 設定ファイルにおいて指定されるドメイン名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -560,16 +561,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 -#, fuzzy -#| msgid "krb5_use_kdcinfo (boolean)" msgid "monitor_resolv_conf (boolean)" -msgstr "krb5_use_kdcinfo (論理値)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 @@ -585,21 +584,11 @@ msgstr "try_inotify (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:338 -#, fuzzy -#| msgid "" -#| "SSSD monitors the state of resolv.conf to identify when it needs to " -#| "update its internal DNS resolver. By default, we will attempt to use " -#| "inotify for this, and will fall back to polling resolv.conf every five " -#| "seconds if inotify cannot be used." msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " "be used." msgstr "" -"SSSD は、内部 DNS リゾルバーを更新する必要となるときを認識するために、resolv." -"conf の状態を監視します。初期状態では、このために inotify を使用しようとしま" -"す。inotify が使用できない場合 5 秒ごとに resolv.conf をポーリングするよう" -"フォールバックします。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:344 @@ -714,8 +703,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -824,10 +813,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 5" msgid "Default: sha256" -msgstr "初期値: 5" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -938,12 +925,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -1027,8 +1014,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1112,7 +1099,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "初期値: 60" @@ -1172,8 +1159,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "初期値: 300" @@ -1266,7 +1253,7 @@ msgstr "" "(0 はこの機能を無効にします)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "初期値: 50" @@ -1287,7 +1274,7 @@ msgstr "" "せ)をキャッシュする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "初期値: 15" @@ -1835,7 +1822,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "パスワードの期限が切れる前に N 日間警告を表示します。" @@ -1850,7 +1837,7 @@ msgstr "" "ことに注意してください。この情報がなければ、sssd は警告を表示します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1864,7 +1851,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "初期値: 0" @@ -1927,8 +1914,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "初期値: none" @@ -1993,8 +1980,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "初期値: 偽" @@ -2006,64 +1993,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2071,7 +2058,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2083,63 +2070,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2147,12 +2134,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2163,15 +2150,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2179,7 +2166,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2187,13 +2174,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: none" +msgid "Default: no_session" +msgstr "初期値: none" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "SUDO 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2204,12 +2247,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "sudo_timed (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2218,12 +2261,12 @@ msgstr "" "を評価するかしないかです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2233,22 +2276,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "Autofs 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "これらのオプションが autofs サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2259,51 +2302,51 @@ msgstr "" "ヒットする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "SSH 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "これらのオプションは SSH サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "初期値: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2312,12 +2355,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2327,38 +2370,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -#, fuzzy -#| msgid "Default: not set, i.e. FAST is not used." -msgid "Default: not set, all found rules are used" -msgstr "初期値: 設定されません、つまり FAST が使用されません。" +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 +msgid "" +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2369,7 +2434,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2380,24 +2445,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2405,12 +2470,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2419,24 +2484,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2446,66 +2511,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2513,17 +2578,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2531,7 +2596,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2539,22 +2604,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "ドメインセクション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2563,14 +2628,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2579,31 +2644,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2612,7 +2677,7 @@ msgstr "" "トリーを含む場合、それは無視されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2624,24 +2689,24 @@ msgstr "" "バーに対して、範囲内にあるものは予期されたものとして報告されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "初期値: min_id は 1, max_id は 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "enumerate (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2650,29 +2715,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = ユーザーとグループが列挙されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = このドメインに対して列挙しません" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "初期値: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2686,7 +2751,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2695,7 +2760,7 @@ msgstr "" "れが完了するまで結果を返しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2708,39 +2773,39 @@ msgstr "" "てください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2749,12 +2814,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2763,7 +2828,7 @@ msgstr "" "数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2774,17 +2839,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "初期値: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2793,19 +2858,19 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "初期値: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2814,12 +2879,12 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2828,12 +2893,12 @@ msgstr "" "有効であると考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2842,55 +2907,95 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "entry_cache_user_timeout (整数)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider user entries valid before asking " +#| "the backend again" +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" +"nss_sss が再びバックエンドに問い合わせる前にユーザーエントリーを有効であると" +"考える秒数です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "entry_cache_user_timeout (整数)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider entries valid before asking the " +#| "backend again" +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" +"nss_sss が再びバックエンドに問い合わせる前にエントリーを有効であると考える秒" +"数です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2899,45 +3004,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "初期値: 0 (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "cache_credentials (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか" "を決めます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2945,24 +3062,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2974,17 +3091,17 @@ msgstr "" "offline_credentials_expiration と同等以上でなければいけません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2993,17 +3110,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "初期値: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "id_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3011,18 +3128,18 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3030,7 +3147,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3041,8 +3158,8 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3055,8 +3172,8 @@ msgstr "" "い。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3067,12 +3184,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3081,7 +3198,7 @@ msgstr "" "名形式により整形されたように) を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3094,7 +3211,7 @@ msgstr "" "んが、<command>getent passwd test@LOCAL</command> は見つけられます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3102,22 +3219,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3129,7 +3248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3137,12 +3256,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "auth_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3151,7 +3270,7 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3162,7 +3281,7 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3173,24 +3292,24 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> は明示的に認証を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3199,12 +3318,12 @@ msgstr "" "ならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "access_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3215,7 +3334,7 @@ msgstr "" "えます)。内部の特別プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3224,12 +3343,12 @@ msgstr "" "ロバイダーのみアクセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> は常にアクセスを拒否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3242,7 +3361,7 @@ msgstr "" "citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3250,22 +3369,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "初期値: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "chpass_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3274,7 +3393,7 @@ msgstr "" "パスワード変更プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3282,7 +3401,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3293,7 +3412,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3301,12 +3420,12 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3315,19 +3434,19 @@ msgstr "" "うことができるならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "sudo_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー" "は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3338,33 +3457,33 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> は SUDO を明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "初期値: <quote>id_provider</quote> の値が設定されていると使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3375,7 +3494,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3384,12 +3503,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "selinux_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3397,7 +3516,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3405,31 +3524,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "subdomains_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3437,7 +3556,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3446,17 +3565,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> はサブドメインの取り出しを明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3464,37 +3583,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "autofs_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3502,7 +3621,7 @@ msgstr "" "プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3513,7 +3632,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3524,7 +3643,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3532,17 +3651,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> は明示的に autofs を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "hostid_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3551,7 +3670,7 @@ msgstr "" "hostid プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3562,12 +3681,79 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> は明示的に hostid を無効にします。" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "sudo_provider (string)" +msgid "resolver_provider (string)" +msgstr "sudo_provider (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +#, fuzzy +#| msgid "" +#| "The provider which should handle change password operations for the " +#| "domain. Supported change password providers are:" +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" +"ドメインに対するパスワード変更操作を取り扱うプロバイダーです。サポートされる" +"パスワード変更プロバイダーは次のとおりです:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" +"<quote>ldap</quote> は LDAP に保存されているマップを読み込みます。LDAP の設定" +"に関する詳細は <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> を参照してください。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" +"<quote>ldap</quote> は LDAP に保存されているマップを読み込みます。LDAP の設定" +"に関する詳細は <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> を参照してください。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +#, fuzzy +#| msgid "<quote>none</quote> disallows fetching subdomains explicitly." +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "<quote>none</quote> はサブドメインの取り出しを明示的に無効化します。" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3577,7 +3763,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3586,29 +3772,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3619,7 +3805,7 @@ msgstr "" "everything after that\" に解釈されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3629,17 +3815,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "初期値: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "lookup_family_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3648,46 +3834,46 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "サポートする値:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "初期値: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3696,25 +3882,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "初期値: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3723,52 +3909,52 @@ msgstr "" "イン部分を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "初期値: マシンのホスト名のドメイン部分を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "override_gid (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "プライマリー GID の値を指定されたもので上書きします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3776,7 +3962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3785,17 +3971,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3803,34 +3989,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3838,32 +4024,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "サブドメインのフラット (NetBIOS) 名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3873,35 +4059,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "初期値: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "realmd_tags (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3910,19 +4096,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3930,24 +4116,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3956,24 +4142,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3983,14 +4169,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3998,21 +4184,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4020,7 +4206,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4029,7 +4215,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4038,7 +4224,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4049,17 +4235,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "中継するプロキシターゲット PAM です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4068,12 +4254,12 @@ msgstr "" "をここに追加する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4084,12 +4270,35 @@ msgstr "" "_nss_files_getpwent です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +#, fuzzy +#| msgid "proxy_lib_name (string)" +msgid "proxy_resolver_lib_name (string)" +msgstr "proxy_lib_name (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +#, fuzzy +#| msgid "" +#| "The name of the NSS library to use in proxy domains. The NSS functions " +#| "searched for in the library are in the form of _nss_$(libName)_" +#| "$(function), for example _nss_files_getpwent." +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" +"プロキシドメインにおいて使用する NSS ライブラリーの名前です。ライブラリーにお" +"いて検索する NSS 関数は _nss_$(libName)_$(function) の形式です。たとえば " +"_nss_files_getpwent です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4098,12 +4307,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4111,7 +4320,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4120,12 +4329,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4142,7 +4351,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4150,17 +4359,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4169,7 +4378,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4179,7 +4388,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -4199,12 +4408,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "ローカルドメインのセクション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4215,27 +4424,27 @@ msgstr "" "メインに対する設定を含みます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "default_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "初期値: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "base_directory (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4244,17 +4453,17 @@ msgstr "" "ホームディレクトリーとして使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "初期値: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "create_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4263,17 +4472,17 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "初期値: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "remove_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4282,12 +4491,12 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "homedir_umask (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4298,17 +4507,17 @@ msgstr "" "manvolnum> </citerefentry> により使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "初期値: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "skel_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4321,17 +4530,17 @@ msgstr "" "を含む、スケルトンディレクトリーです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "初期値: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "mail_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4342,17 +4551,17 @@ msgstr "" "が使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "初期値: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "userdel_cmd (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4363,17 +4572,17 @@ msgstr "" "せん。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "初期値: なし、コマンドを実行しません" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4384,69 +4593,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4459,7 +4668,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4467,7 +4676,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4476,55 +4685,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4533,17 +4742,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4551,26 +4760,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4579,17 +4788,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4599,7 +4808,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4608,59 +4817,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4668,14 +4877,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4683,7 +4892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4691,12 +4900,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4750,7 +4959,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4759,7 +4968,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4767,7 +4976,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4778,7 +4987,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4792,7 +5001,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4961,7 +5170,7 @@ msgstr "" "な LDAP 検索フィルターである必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "例:" @@ -5137,27 +5346,40 @@ msgstr "obfuscated_password" msgid "Default: password" msgstr "初期値: password" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" +"位置情報プラグインの詳細は <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> マニュアルページを参照ください。" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" -"デフォルトのバインド DN の認証トークンです。平文テキストのパスワードのみが現" -"在サポートされます。" +#: sssd-ldap.5.xml:296 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The authentication token of the default bind DN." +msgstr "初期バインド DN の認証トークンの形式です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5169,12 +5391,12 @@ msgstr "" "場合、このオプションを 0 以外に設定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5182,12 +5404,12 @@ msgstr "" "SSSD が列挙レコードのキャッシュを更新する前に待つ必要がある秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5198,7 +5420,7 @@ msgstr "" "削除する間隔を決めます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5207,12 +5429,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5223,7 +5445,7 @@ msgstr "" "のオプションは RFC2307 スキーマにおいて効果がありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5233,7 +5455,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5243,36 +5465,36 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "初期値: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" "オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5282,22 +5504,36 @@ msgstr "" "してください。" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "初期値: <emphasis>ldap_search_base</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +#, fuzzy +#| msgid "ipa_host_search_base (string)" +msgid "ldap_iphost_search_base (string)" +msgstr "ipa_host_search_base (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +#, fuzzy +#| msgid "ldap_netgroup_search_base (string)" +msgid "ldap_ipnetwork_search_base (string)" +msgstr "ldap_netgroup_search_base (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5305,7 +5541,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5316,12 +5552,12 @@ msgstr "" "かもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5329,12 +5565,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5350,12 +5586,12 @@ msgstr "" "citerefentry> が未使用を返した後のタイムアウト(秒単位)を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5364,12 +5600,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5378,17 +5614,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "初期値: 900 (15 分)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "ldap_connection_expire_timeout (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "ldap_connection_expire_timeout (整数)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -5397,17 +5654,17 @@ msgstr "" "バーは 1 要求あたりの最大数の制限を強制します。" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "初期値: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5418,7 +5675,7 @@ msgstr "" "ことを報告する場合に、このオプションが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -5428,7 +5685,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5439,17 +5696,17 @@ msgstr "" "があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "Active Directory の範囲の取得を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5459,12 +5716,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5472,17 +5729,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +#, fuzzy +#| msgid "ldap_sasl_minssf (integer)" +msgid "ldap_sasl_maxssf (integer)" +msgstr "ldap_sasl_minssf (整数)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5490,7 +5762,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5501,7 +5773,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5510,7 +5782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5518,12 +5790,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -5532,7 +5804,7 @@ msgstr "" "クするものを指定します。以下の値のうち 1 つを指定できます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5541,7 +5813,7 @@ msgstr "" "確認しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5552,7 +5824,7 @@ msgstr "" "無視され、セッションが通常通り進められます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5563,7 +5835,7 @@ msgstr "" "ンが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5573,22 +5845,22 @@ msgstr "" "なければ、もしくは不正な証明書が提供されれば、セッションが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = <quote>demand</quote> と同じです" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "初期値: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -5598,7 +5870,7 @@ msgstr "" "書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -5607,12 +5879,12 @@ msgstr "" "filename> にあります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5625,32 +5897,32 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "クライアントのキーに対する証明書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "クライアントのキーを含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5658,12 +5930,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -5672,12 +5944,12 @@ msgstr "" "用する必要がある id_provider 接続を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5685,18 +5957,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "この機能は現在 ActiveDirectory objectSID マッピングのみサポートします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5707,24 +5979,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5735,12 +6007,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5753,7 +6025,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5765,17 +6037,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "初期値: host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5783,17 +6055,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "初期値: krb5_realm の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -5802,33 +6074,33 @@ msgstr "" "するために逆引きを実行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "初期値: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5836,28 +6108,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "初期値: 86400 (24 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5869,7 +6141,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5880,7 +6152,7 @@ msgstr "" "ば _tcp にフォールバックします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5891,27 +6163,27 @@ msgstr "" "quote> を使用するよう設定ファイルを移行することが推奨されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -5920,12 +6192,12 @@ msgstr "" "します。この機能は MIT Kerberos >= 1.7 で利用可能です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5935,7 +6207,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5946,12 +6218,12 @@ msgstr "" "manvolnum> </citerefentry> マニュアルページを参照ください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -5960,7 +6232,7 @@ msgstr "" "す。以下の値が許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -5969,7 +6241,7 @@ msgstr "" "ンはサーバー側のパスワードポリシーを無効にできません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5980,7 +6252,7 @@ msgstr "" "manvolnum></citerefentry> 形式の属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5991,24 +6263,24 @@ msgstr "" "とき、これらの属性を更新するために chpass_provider=krb5 を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "自動参照追跡が有効化されるかを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6017,7 +6289,7 @@ msgstr "" "sssd のみが参照追跡をサポートすることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6026,28 +6298,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "サービス検索が有効にされているときに使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "初期値: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6056,29 +6328,29 @@ msgstr "" "を検索するために使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6094,12 +6366,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "例:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6108,14 +6380,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6124,17 +6396,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "初期値: 空白" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6143,7 +6415,7 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6154,12 +6426,12 @@ msgstr "" "否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "以下の値が許可されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6168,7 +6440,7 @@ msgstr "" "ldap_user_shadow_expire の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6177,7 +6449,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6188,7 +6460,7 @@ msgstr "" "ldap_ns_account_lock の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6201,7 +6473,7 @@ msgstr "" "クセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6209,23 +6481,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "ldap_access_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6235,14 +6507,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6255,12 +6527,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6270,7 +6542,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6280,20 +6552,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -6302,44 +6574,44 @@ msgstr "" "authorizedService 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "初期値: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "値が複数使用されていると設定エラーになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6348,22 +6620,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "ldap_deref (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -6372,12 +6644,12 @@ msgstr "" "ションが許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -6386,7 +6658,7 @@ msgstr "" "決されますが、検索のベースオブジェクトの位置を探すときはされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -6395,7 +6667,7 @@ msgstr "" "すときのみ参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -6404,7 +6676,7 @@ msgstr "" "きも位置を検索するときも参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -6413,19 +6685,19 @@ msgstr "" "して取り扱われます)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6436,7 +6708,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6444,36 +6716,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 -#, fuzzy -#| msgid "" -#| "All of the common configuration options that apply to SSSD domains also " -#| "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " -#| "<placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "All of the common configuration options that apply to SSSD domains also " "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " @@ -6483,19 +6748,14 @@ msgid "" "<refentrytitle>sssd-ldap-attributes</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> manual page. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"SSSD ドメインに適用するすべての全体設定オプションを LDAP ドメインに適用しま" -"す。完全な詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> マニュアルページの <quote>ドメインセ" -"クション</quote> を参照してください。 <placeholder type=\"variablelist\" id=" -"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "SUDO オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6503,19 +6763,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -6524,17 +6784,17 @@ msgstr "" "ります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "初期値: 21600 (6 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6542,14 +6802,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6559,24 +6819,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -6585,15 +6845,15 @@ msgstr "" "区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -6602,17 +6862,17 @@ msgstr "" "ならば、このオプションは効果を持ちません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "初期値: 指定なし" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -6621,7 +6881,7 @@ msgstr "" "アドレスの空白区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -6629,38 +6889,38 @@ msgstr "" "このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6672,59 +6932,59 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "AUTOFS オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "高度なオプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6733,22 +6993,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6757,14 +7017,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "例" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6775,7 +7035,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6788,27 +7048,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6824,13 +7084,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "注記" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7122,12 +7382,266 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The user's authentication token has expired." +msgstr "初期バインド DN の認証トークンの形式です。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +#, fuzzy +#| msgid "Unlock the user account." +msgid "The user account has expired." +msgstr "ユーザーアカウントのロックを解除します。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:414 +msgid "" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:464 msgid "FILES" msgstr "ファイル" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -7138,7 +7652,7 @@ msgstr "" "ば、このメッセージはパスワードをリセットする方法に関する説明があります。" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -7150,7 +7664,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7581,168 +8095,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7750,62 +8277,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7813,17 +8340,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7832,129 +8359,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7965,12 +8492,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7978,7 +8505,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7990,7 +8517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7999,7 +8526,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -8009,12 +8536,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -8022,40 +8549,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -8063,19 +8590,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -8085,17 +8612,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -8103,19 +8630,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -8123,19 +8650,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -8143,12 +8670,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -8156,19 +8683,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -8176,116 +8703,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -8295,12 +8822,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -8432,7 +8959,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "dyndns_update (論理値)" @@ -8447,7 +8974,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8465,12 +8992,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8491,12 +9018,12 @@ msgid "Default: 1200 (seconds)" msgstr "初期値: 1200 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "dyndns_iface (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8520,17 +9047,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8538,7 +9065,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8548,7 +9075,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "DNS サイトの有効化 - 位置情報に基づいたサービス探索。" @@ -8565,7 +9092,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (整数)" @@ -8578,12 +9105,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8602,12 +9129,12 @@ msgid "Default: False (disabled)" msgstr "初期値: False (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -8616,48 +9143,48 @@ msgstr "" "どうか。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8781,26 +9308,26 @@ msgstr "" "めに使用するベース DN に変換されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8819,7 +9346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "初期値: 5 (秒)" @@ -8956,6 +9483,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "初期値: cn" @@ -9131,7 +9659,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -9141,88 +9669,96 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 +#, fuzzy +#| msgid "" +#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " +#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +#| "manvolnum> </citerefentry> manual page for more details." msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" +"詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> マニュアルページにある " +"<quote>dns_discovery_domain</quote> パラメーターを参照してください。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -9236,7 +9772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9247,7 +9783,7 @@ msgstr "" "例は IPA プロバイダー固有のオプションのみを示しています。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -9477,30 +10013,41 @@ msgstr "ad_hostname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 +#, fuzzy +#| msgid "" +#| "Optional. May be set on machines where the hostname(5) does not reflect " +#| "the fully qualified name used in the Active Directory domain to identify " +#| "this host." msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" "オプションです。hostname(5) が Active Directory ドメインにおいて使用される完" "全修飾名を反映しないマシンにおいてマシンに設定されるかもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 +#, fuzzy +#| msgid "" +#| "This field is used to determine the host principal in use in the keytab. " +#| "It must match the hostname for which the keytab was issued." msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" "この項目はキーテーブルにおいて使用中のホストプリンシパルを決定するために使用" "されます。キーテーブルが発行されたホスト名と一致する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9511,12 +10058,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9525,7 +10072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9534,7 +10081,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9543,14 +10090,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9563,7 +10110,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9572,7 +10119,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9590,24 +10137,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9616,7 +10163,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9625,12 +10172,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9640,7 +10187,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9649,16 +10196,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9668,21 +10215,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9692,15 +10239,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9715,23 +10254,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9739,22 +10278,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9765,12 +10304,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9780,12 +10319,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9793,12 +10332,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9814,14 +10353,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9829,7 +10368,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9841,42 +10380,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9892,7 +10431,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9900,7 +10439,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9908,7 +10447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9920,22 +10459,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9951,7 +10490,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9959,7 +10498,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9967,7 +10506,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9979,22 +10518,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10009,14 +10548,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10024,7 +10563,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10036,23 +10575,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10068,14 +10607,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10083,7 +10622,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10094,19 +10633,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10114,7 +10653,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10126,29 +10665,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10156,12 +10695,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10174,57 +10713,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10232,17 +10771,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10252,12 +10791,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +#, fuzzy +#| msgid "ldap_id_use_start_tls (boolean)" +msgid "ad_use_ldaps (bool)" +msgstr "ldap_id_use_start_tls (論理値)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10268,19 +10839,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "初期値: 3600 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10290,12 +10861,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "初期値: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10306,7 +10877,7 @@ msgstr "" "AD プロバイダー固有のオプションのみ示してします。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10330,7 +10901,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10342,7 +10913,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10350,7 +10921,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10360,7 +10931,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10874,16 +11445,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:259 -#, fuzzy -#| msgid "" -#| "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -#| "debug messages will be sent to stderr." msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in-memory cache." msgstr "" -"環境変数 SSSD_KRB5_LOCATOR_DEBUG に何らかの値が設定されていると、デバッグメッ" -"セージが標準エラーに送られます。" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 @@ -11517,9 +12082,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:47 +#, fuzzy +#| msgid "" +#| "This backend also provides access control based on the .k5login file in " +#| "the home directory of the user. See <citerefentry> <refentrytitle>." +#| "k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more " +#| "details. Please note that an empty .k5login file will deny all access to " +#| "this user. To activate this feature, use 'access_provider = krb5' in your " +#| "SSSD configuration." msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -12030,20 +12603,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:524 -#, fuzzy -#| msgid "" -#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" -#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " -#| "more information on the locator plugin." msgid "" "For example <emphasis>10:0</emphasis> means that up to 10 primary servers " "will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> but no backup " "servers." msgstr "" -"位置情報プラグインの詳細は <citerefentry> " -"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry> マニュアルページを参照ください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:533 @@ -14711,25 +15276,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:175 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of the IPA provider for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. For a detailed syntax reference, refer to " -#| "the <quote>FILE FORMAT</quote> section of the <citerefentry> " -#| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> manual page." msgid "" "The KCM service is configured in the <quote>kcm</quote> For a detailed " "syntax reference, refer to the <quote>FILE FORMAT</quote> section of the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" -"このマニュアルページは <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> に対する IPA プロバイダーの設定を説" -"明しています。詳細な構文の参考資料は <citerefentry> <refentrytitle>sssd." -"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> マニュアルペー" -"ジの <quote>ファイル形式</quote> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:183 @@ -14758,10 +15310,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_ccaches (integer)" -msgstr "enum_cache_timeout (整数)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -14775,10 +15325,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "min_id,max_id (integer)" msgid "max_uid_ccaches (integer)" -msgstr "min_id,max_id (整数)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -14789,17 +15337,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 64" -msgstr "初期値: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "ldap_page_size (integer)" msgid "max_ccache_size (integer)" -msgstr "ldap_page_size (整数)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -14810,10 +15354,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 65536" -msgstr "初期値: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -15288,10 +15830,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:439 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_perf.stp" -msgstr "ldap_deref (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:442 @@ -15310,10 +15850,8 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap-attributes.5.xml:10 sssd-ldap-attributes.5.xml:16 -#, fuzzy -#| msgid "sssd-ldap" msgid "sssd-ldap-attributes" -msgstr "sssd-ldap" +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap-attributes.5.xml:17 @@ -15322,14 +15860,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap-attributes.5.xml:23 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of LDAP domains for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. Refer to the <quote>FILE FORMAT</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " -#| "information." msgid "" "This manual page describes the mapping attributes of SSSD LDAP provider " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -15337,11 +15867,6 @@ msgid "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page " "for full details about SSSD LDAP provider configuration options." msgstr "" -"このマニュアルページは <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> 向けの LDAP ドメインの設定を説明して" -"います。詳細な構文については <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> マニュアルページの " -"<quote>ファイル形式</quote> セクションを参照してください。" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:38 @@ -16172,10 +16697,8 @@ msgstr "ldap_group_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:742 -#, fuzzy -#| msgid "ldap_group_name (string)" msgid "ldap_group_type (string)" -msgstr "ldap_group_name (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:745 @@ -16393,10 +16916,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:968 -#, fuzzy -#| msgid "SERVICES SECTIONS" msgid "SERVICE ATTRIBUTES" -msgstr "サービスセクション" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:972 @@ -16637,10 +17158,138 @@ msgstr "初期値: sudoOrder" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:1177 -#, fuzzy -#| msgid "AUTOFS OPTIONS" msgid "AUTOFS ATTRIBUTES" -msgstr "AUTOFS オプション" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +#, fuzzy +#| msgid "ldap_user_object_class (string)" +msgid "ldap_iphost_object_class (string)" +msgstr "ldap_user_object_class (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +#, fuzzy +#| msgid "The object class of a user entry in LDAP." +msgid "The object class of an iphost entry in LDAP." +msgstr "LDAP にあるユーザーエントリーのオブジェクトクラスです。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: host" +msgid "Default: ipHost" +msgstr "初期値: host" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "ad_hostname (string)" +msgid "ldap_iphost_name (string)" +msgstr "ad_hostname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "サービス属性の名前とそのエイリアスを含む LDAP 属性です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_iphost_number (string)" +msgstr "ldap_user_uid_number (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +#, fuzzy +#| msgid "The LDAP attribute that contains the names of the group's members." +msgid "The LDAP attribute that contains the IP host address." +msgstr "グループのメンバーの名前を含む LDAP の属性です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipHostNumber" +msgstr "初期値: uidNumber" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +#, fuzzy +#| msgid "ldap_netgroup_object_class (string)" +msgid "ldap_ipnetwork_object_class (string)" +msgstr "ldap_netgroup_object_class (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +#, fuzzy +#| msgid "The object class of a netgroup entry in LDAP." +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "LDAP にあるネットワークグループエントリーのオブジェクトクラスです。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: password" +msgid "Default: ipNetwork" +msgstr "初期値: password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "ldap_netgroup_name (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "ldap_netgroup_name (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "サービス属性の名前とそのエイリアスを含む LDAP 属性です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_ipnetwork_number (string)" +msgstr "ldap_user_uid_number (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the IP network address." +msgstr "ユーザーの SSH 公開鍵を含む LDAP 属性です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipNetworkNumber" +msgstr "初期値: uidNumber" #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 @@ -16802,8 +17451,8 @@ msgstr "サービス検索メカニズムに関する詳細は RFC 2782 を参 #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16906,10 +17555,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 -#, fuzzy -#| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout" -msgstr "dns_resolver_timeout (整数)" +msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 @@ -17482,12 +18129,19 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." @@ -17496,7 +18150,7 @@ msgstr "" "データをログに取得するには 0x0270 を使用します。" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." @@ -17505,21 +18159,21 @@ msgstr "" "数のトレースメッセージをログに取得するには 0x1310 を使用します。" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -17808,8 +18462,10 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" -msgstr "" +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech = GSS-SPNEGO" +msgstr "ldap_sasl_mech (文字列)" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:48 @@ -17966,5 +18622,9 @@ msgstr "" msgid "ldap_group_external_member = ipaExternalMember" msgstr "" -#~ msgid "Default: homeDirectory" -#~ msgstr "初期値: homeDirectory" +#~ msgid "" +#~ "The authentication token of the default bind DN. Only clear text " +#~ "passwords are currently supported." +#~ msgstr "" +#~ "デフォルトのバインド DN の認証トークンです。平文テキストのパスワードのみが" +#~ "現在サポートされます。" diff --git a/src/man/po/lv.po b/src/man/po/lv.po index bd30342f91..caf6ff213e 100644 --- a/src/man/po/lv.po +++ b/src/man/po/lv.po @@ -7,9 +7,9 @@ # Kristaps, 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2014-12-15 12:00+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Latvian (http://www.transifex.com/projects/p/sssd/language/" @@ -296,10 +296,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -318,21 +318,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -356,8 +357,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Noklusējuma: 10" @@ -372,7 +373,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "" @@ -452,7 +453,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "" @@ -472,12 +473,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -485,39 +486,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -526,7 +527,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" @@ -655,8 +656,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -765,10 +766,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 6" msgid "Default: sha256" -msgstr "Noklusējuma: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -879,12 +878,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -968,8 +967,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1045,7 +1044,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "Noklusējuma: 60" @@ -1105,8 +1104,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "Noklusējuma: 300" @@ -1183,7 +1182,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "" @@ -1201,7 +1200,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "Noklusējuma: 15" @@ -1711,7 +1710,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1724,7 +1723,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1738,7 +1737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1801,8 +1800,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1867,8 +1866,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1880,64 +1879,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1945,7 +1944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1957,63 +1956,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2021,12 +2020,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2037,15 +2036,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2053,7 +2052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2061,13 +2060,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: posixAccount" +msgid "Default: no_session" +msgstr "Noklusējuma: posixAccount" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2078,24 +2133,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2105,22 +2160,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2128,51 +2183,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2181,12 +2236,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2196,36 +2251,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2236,7 +2315,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2247,24 +2326,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2272,12 +2351,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2286,24 +2365,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2313,66 +2392,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2380,17 +2459,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2398,7 +2477,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2406,22 +2485,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2430,14 +2509,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2446,38 +2525,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2486,24 +2565,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2512,29 +2591,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2548,14 +2627,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2564,39 +2643,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2605,19 +2684,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2628,115 +2707,143 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "noildze (vesels skaitlis)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "noildze (vesels skaitlis)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2745,42 +2852,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2788,24 +2907,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2814,17 +2933,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "Noklusējuma: 0 (neierobežots)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2833,34 +2952,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2868,7 +2987,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2876,8 +2995,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2886,8 +3005,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2895,19 +3014,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2916,7 +3035,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2924,22 +3043,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2951,7 +3072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2959,19 +3080,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2979,7 +3100,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2987,35 +3108,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3023,19 +3144,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3044,7 +3165,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3052,29 +3173,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "Noklusējuma: <quote>atļaut</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3082,7 +3203,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3090,35 +3211,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3126,32 +3247,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3162,7 +3283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3171,12 +3292,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3184,7 +3305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3192,31 +3313,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3224,7 +3345,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3233,17 +3354,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3251,43 +3372,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3295,7 +3416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3303,7 +3424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3311,24 +3432,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3336,12 +3457,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +msgid "resolver_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3351,7 +3513,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3360,29 +3522,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3390,7 +3552,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3400,59 +3562,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Noklusējuma: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "Atbalstītās vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3461,77 +3623,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Noklusējuma: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3539,7 +3701,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3548,17 +3710,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3566,34 +3728,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3601,32 +3763,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3636,34 +3798,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3672,19 +3834,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3692,24 +3854,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3718,24 +3880,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3745,14 +3907,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3760,21 +3922,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3782,7 +3944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3791,7 +3953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3800,7 +3962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3808,29 +3970,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3838,12 +4000,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3852,12 +4027,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3865,19 +4040,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3894,7 +4069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3902,17 +4077,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3921,7 +4096,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3931,7 +4106,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3951,12 +4126,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3964,73 +4139,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "Noklusējuma: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4038,17 +4213,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "Noklusējuma: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4057,17 +4232,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "Noklusējuma: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4075,17 +4250,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "Noklusējuma: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4093,17 +4268,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4114,69 +4289,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4189,7 +4364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4197,7 +4372,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4206,55 +4381,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4263,17 +4438,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4281,26 +4456,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4309,17 +4484,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4329,7 +4504,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4338,59 +4513,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4398,14 +4573,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4413,7 +4588,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4421,12 +4596,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4456,7 +4631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4465,7 +4640,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4473,7 +4648,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4484,7 +4659,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4498,7 +4673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4648,7 +4823,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -4820,25 +4995,30 @@ msgstr "" msgid "Default: password" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4847,24 +5027,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4872,7 +5052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4881,12 +5061,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4894,7 +5074,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4904,7 +5084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4914,34 +5094,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -4949,22 +5129,32 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 -msgid "ldap_search_timeout (integer)" +#: sssd-ldap.5.xml:428 +msgid "ldap_iphost_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +msgid "ldap_ipnetwork_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 +msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4972,7 +5162,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4980,12 +5170,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4993,12 +5183,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5009,12 +5199,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5023,12 +5213,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5037,34 +5227,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +msgid "ldap_connection_expire_offset (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5072,14 +5281,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5087,17 +5296,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5107,12 +5316,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5120,17 +5329,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +msgid "ldap_sasl_maxssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5138,7 +5360,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5149,7 +5371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5158,7 +5380,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5166,26 +5388,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5193,7 +5415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5201,7 +5423,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5209,41 +5431,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5252,32 +5474,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5285,24 +5507,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5310,17 +5532,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5331,24 +5553,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5359,12 +5581,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5377,7 +5599,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5389,17 +5611,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5407,49 +5629,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5457,28 +5679,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "Noklusējuma: 86400 (24 stundas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5490,7 +5712,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5498,7 +5720,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5506,39 +5728,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5548,7 +5770,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5556,26 +5778,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5583,7 +5805,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5591,31 +5813,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5624,56 +5846,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "Noklusējuma: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5689,12 +5911,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "Piemērs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5703,14 +5925,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5719,24 +5941,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5744,19 +5966,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "Atļautas šādas vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5765,7 +5987,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5773,7 +5995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5782,7 +6004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5790,22 +6012,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5815,14 +6037,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5835,12 +6057,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5850,7 +6072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5860,63 +6082,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "Noklusējuma: filtrēt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5925,74 +6147,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6003,7 +6225,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6011,24 +6233,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6045,12 +6267,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6058,36 +6280,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6095,14 +6317,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6112,101 +6334,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6215,59 +6437,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "PAPLAŠINĀTĀS IESPĒJAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6276,22 +6498,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6300,14 +6522,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "PIEMĒRS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6315,7 +6537,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6328,27 +6550,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6364,13 +6586,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "PIEZĪMES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6533,119 +6755,369 @@ msgid "<option>allow_missing_name</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:176 -msgid "" -"The main purpose of this option is to let SSSD determine the user name based " -"on additional information, e.g. the certificate from a Smartcard." +#: pam_sss.8.xml:176 +msgid "" +"The main purpose of this option is to let SSSD determine the user name based " +"on additional information, e.g. the certificate from a Smartcard." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> +#: pam_sss.8.xml:186 +#, no-wrap +msgid "" +"auth sufficient pam_sss.so allow_missing_name\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:181 +msgid "" +"The current use case are login managers which can monitor a Smartcard reader " +"for card events. In case a Smartcard is inserted the login manager will call " +"a PAM stack which includes a line like <placeholder type=\"programlisting\" " +"id=\"0\"/> In this case SSSD will try to determine the user name based on " +"the content of the Smartcard, returns it to pam_sss which will finally put " +"it on the PAM stack." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:196 +msgid "<option>prompt_always</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:200 +msgid "" +"Always prompt the user for credentials. With this option credentials " +"requested by other PAM modules, typically a password, will be ignored and " +"pam_sss will prompt for credentials again. Based on the pre-auth reply by " +"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +msgid "The user account has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> -#: pam_sss.8.xml:186 -#, no-wrap -msgid "" -"auth sufficient pam_sss.so allow_missing_name\n" -" " +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:181 -msgid "" -"The current use case are login managers which can monitor a Smartcard reader " -"for card events. In case a Smartcard is inserted the login manager will call " -"a PAM stack which includes a line like <placeholder type=\"programlisting\" " -"id=\"0\"/> In this case SSSD will try to determine the user name based on " -"the content of the Smartcard, returns it to pam_sss which will finally put " -"it on the PAM stack." +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:196 -msgid "<option>prompt_always</option>" +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:200 +#: pam_sss.8.xml:414 msgid "" -"Always prompt the user for credentials. With this option credentials " -"requested by other PAM modules, typically a password, will be ignored and " -"pam_sss will prompt for credentials again. Based on the pre-auth reply by " -"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " -"credentials." +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 -msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6653,7 +7125,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6665,7 +7137,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7060,168 +7532,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7229,62 +7714,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7292,17 +7777,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7311,129 +7796,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7444,12 +7929,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7457,7 +7942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7469,7 +7954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7478,7 +7963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7488,12 +7973,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7501,40 +7986,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7542,19 +8027,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7564,17 +8049,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7582,19 +8067,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7602,19 +8087,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7622,12 +8107,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7635,19 +8120,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7655,116 +8140,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7774,12 +8259,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7900,7 +8385,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7915,7 +8400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7930,12 +8415,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -7956,12 +8441,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -7985,17 +8470,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8003,7 +8488,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8013,7 +8498,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8030,7 +8515,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8043,12 +8528,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8067,60 +8552,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8234,26 +8719,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8272,7 +8757,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8409,6 +8894,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8581,7 +9067,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8591,88 +9077,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8686,7 +9172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8694,7 +9180,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8919,25 +9405,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8948,12 +9436,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -8962,7 +9450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -8971,7 +9459,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -8980,14 +9468,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9000,7 +9488,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9009,7 +9497,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9027,24 +9515,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9053,7 +9541,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9062,12 +9550,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9077,7 +9565,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9086,16 +9574,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9105,21 +9593,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9129,15 +9617,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9152,23 +9632,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9176,22 +9656,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9202,12 +9682,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9217,12 +9697,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9230,12 +9710,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9251,14 +9731,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9266,7 +9746,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9278,42 +9758,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9329,7 +9809,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9337,7 +9817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9345,7 +9825,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9357,22 +9837,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9388,7 +9868,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9396,7 +9876,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9404,7 +9884,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9416,22 +9896,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9446,14 +9926,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9461,7 +9941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9473,23 +9953,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9505,14 +9985,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9520,7 +10000,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9531,19 +10011,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9551,7 +10031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9563,29 +10043,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9593,12 +10073,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9611,57 +10091,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9669,17 +10149,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9689,12 +10169,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +msgid "ad_use_ldaps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9705,19 +10215,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9727,12 +10237,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9740,7 +10250,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9755,7 +10265,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9764,7 +10274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9772,7 +10282,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9782,7 +10292,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10824,7 +11334,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -13874,10 +14384,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "timeout (integer)" msgid "max_ccaches (integer)" -msgstr "noildze (vesels skaitlis)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -13903,10 +14411,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 64" -msgstr "Noklusējuma: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 @@ -13922,10 +14428,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 65536" -msgstr "Noklusējuma: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -14420,10 +14924,8 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap-attributes.5.xml:10 sssd-ldap-attributes.5.xml:16 -#, fuzzy -#| msgid "sssd-ldap" msgid "sssd-ldap-attributes" -msgstr "sssd-ldap" +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap-attributes.5.xml:17 @@ -15668,6 +16170,108 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +msgid "ldap_iphost_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: filter" +msgid "Default: ipHost" +msgstr "Noklusējuma: filtrēt" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +msgid "ldap_iphost_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +msgid "ldap_iphost_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: filter" +msgid "Default: ipHostNumber" +msgstr "Noklusējuma: filtrēt" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +msgid "ldap_ipnetwork_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: filter" +msgid "Default: ipNetwork" +msgstr "Noklusējuma: filtrēt" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +msgid "ldap_ipnetwork_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +msgid "ldap_ipnetwork_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: filter" +msgid "Default: ipNetworkNumber" +msgstr "Noklusējuma: filtrēt" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15814,8 +16418,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16472,40 +17076,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16787,7 +17398,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> diff --git a/src/man/po/nl.po b/src/man/po/nl.po index e05315677b..f0637149f7 100644 --- a/src/man/po/nl.po +++ b/src/man/po/nl.po @@ -6,9 +6,9 @@ # Wijnand Modderman-Lenstra <accounts-transifex@maze.io>, 2011 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2014-12-15 12:02+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -319,10 +319,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Standaard: true" @@ -341,21 +341,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -379,8 +380,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -395,7 +396,7 @@ msgid "The [sssd] section" msgstr "De [sssd] sectie" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "Sectie parameters" @@ -479,7 +480,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "re_expression (tekst)" @@ -499,12 +500,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "full_name_format (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -512,39 +513,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -553,16 +554,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 -#, fuzzy -#| msgid "try_inotify (boolean)" msgid "monitor_resolv_conf (boolean)" -msgstr "try_inotify (bool)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 @@ -578,21 +577,11 @@ msgstr "try_inotify (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:338 -#, fuzzy -#| msgid "" -#| "SSSD monitors the state of resolv.conf to identify when it needs to " -#| "update its internal DNS resolver. By default, we will attempt to use " -#| "inotify for this, and will fall back to polling resolv.conf every five " -#| "seconds if inotify cannot be used." msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " "be used." msgstr "" -"SSSD houdt de stat van resolv.conf in de gaten om te zien wanneer de interne " -"DNS-resolver bijgewerkt moet worden. Standaard wordt er geprobeerd om " -"inotify te gebruiken en er wordt teruggevallen op iedere vijf seconden " -"kijken of resolv.conf gewijzigd is als er geen inotify beschikbaar is." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:344 @@ -704,8 +693,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -814,10 +803,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 120" msgid "Default: sha256" -msgstr "Standaard: 120" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -928,12 +915,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -1017,8 +1004,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1094,7 +1081,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1154,8 +1141,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1236,7 +1223,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "" @@ -1254,7 +1241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "" @@ -1764,7 +1751,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1777,7 +1764,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1791,7 +1778,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "Standaard: 0" @@ -1854,8 +1841,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1920,8 +1907,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1933,64 +1920,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1998,7 +1985,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2010,63 +1997,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2074,12 +2061,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2090,15 +2077,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2106,7 +2093,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2114,13 +2101,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: true" +msgid "Default: no_session" +msgstr "Standaard: true" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2131,24 +2174,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2158,22 +2201,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2181,51 +2224,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2234,12 +2277,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2249,36 +2292,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2289,7 +2356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2300,24 +2367,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2325,12 +2392,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2339,24 +2406,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2366,66 +2433,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2433,17 +2500,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2451,7 +2518,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2459,22 +2526,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2483,14 +2550,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2499,38 +2566,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2539,24 +2606,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2565,29 +2632,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2601,14 +2668,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2617,39 +2684,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2658,19 +2725,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2681,115 +2748,143 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "enum_cache_timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "enum_cache_timeout (numeriek)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "enum_cache_timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "enum_cache_timeout (numeriek)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2798,42 +2893,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2841,24 +2948,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2867,17 +2974,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2886,34 +2993,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2921,7 +3028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2929,8 +3036,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2939,8 +3046,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2948,19 +3055,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2969,7 +3076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2977,22 +3084,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3004,7 +3113,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3012,19 +3121,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3032,7 +3141,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3040,35 +3149,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3076,19 +3185,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3097,7 +3206,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3105,29 +3214,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3135,7 +3244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3143,35 +3252,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3179,32 +3288,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3215,7 +3324,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3224,12 +3333,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3237,7 +3346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3245,31 +3354,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3277,7 +3386,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3286,17 +3395,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3304,43 +3413,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3348,7 +3457,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3356,7 +3465,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3364,24 +3473,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3389,12 +3498,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "re_expression (string)" +msgid "resolver_provider (string)" +msgstr "re_expression (tekst)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3404,7 +3556,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3413,29 +3565,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3446,7 +3598,7 @@ msgstr "" "het domein alles daarna\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3456,59 +3608,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Standaard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3517,77 +3669,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3595,7 +3747,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3604,17 +3756,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3622,34 +3774,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3657,32 +3809,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3692,34 +3844,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3728,19 +3880,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3748,24 +3900,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3774,24 +3926,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3801,14 +3953,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3816,21 +3968,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3838,7 +3990,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3847,7 +3999,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3856,7 +4008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3864,29 +4016,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3894,12 +4046,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3908,12 +4073,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3921,19 +4086,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3950,7 +4115,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3958,17 +4123,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3977,7 +4142,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3987,7 +4152,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -4007,12 +4172,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4020,73 +4185,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4094,17 +4259,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4113,17 +4278,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4131,17 +4296,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4149,17 +4314,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4170,69 +4335,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4245,7 +4410,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4253,7 +4418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4262,55 +4427,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4319,17 +4484,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4337,26 +4502,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4365,17 +4530,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4385,7 +4550,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4394,59 +4559,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4454,14 +4619,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4469,7 +4634,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4477,12 +4642,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4512,7 +4677,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4521,7 +4686,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4529,7 +4694,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4540,7 +4705,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4554,7 +4719,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4704,7 +4869,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -4876,25 +5041,30 @@ msgstr "" msgid "Default: password" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 -msgid "ldap_default_authtok (string)" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 +#: sssd-ldap.5.xml:282 msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:293 +msgid "ldap_default_authtok (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4903,24 +5073,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4928,7 +5098,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4937,12 +5107,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4950,7 +5120,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4960,7 +5130,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4970,34 +5140,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5005,22 +5175,32 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +msgid "ldap_iphost_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +msgid "ldap_ipnetwork_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5028,7 +5208,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5036,12 +5216,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5049,12 +5229,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5065,12 +5245,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5079,12 +5259,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5093,34 +5273,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "reconnection_retries (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "reconnection_retries (numeriek)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5128,14 +5329,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5143,17 +5344,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5163,12 +5364,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5176,17 +5377,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +msgid "ldap_sasl_maxssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5194,7 +5408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5205,7 +5419,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5214,7 +5428,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5222,26 +5436,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5249,7 +5463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5257,7 +5471,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5265,41 +5479,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5308,32 +5522,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5341,24 +5555,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5366,17 +5580,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5387,24 +5601,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5415,12 +5629,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5433,7 +5647,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5445,17 +5659,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5463,49 +5677,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5513,28 +5727,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5546,7 +5760,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5554,7 +5768,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5562,39 +5776,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5604,7 +5818,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5612,26 +5826,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5639,7 +5853,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5647,31 +5861,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5680,56 +5894,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5745,12 +5959,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5759,14 +5973,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5775,24 +5989,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5800,19 +6014,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5821,7 +6035,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5829,7 +6043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5838,7 +6052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5846,22 +6060,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5871,14 +6085,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5891,12 +6105,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5906,7 +6120,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5916,63 +6130,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5981,74 +6195,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6059,7 +6273,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6067,24 +6281,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6101,12 +6315,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6114,36 +6328,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6151,14 +6365,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6168,101 +6382,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6271,59 +6485,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6332,22 +6546,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6356,14 +6570,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6371,7 +6585,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6384,27 +6598,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6420,13 +6634,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6615,93 +6829,343 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:196 -msgid "<option>prompt_always</option>" +#: pam_sss.8.xml:196 +msgid "<option>prompt_always</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:200 +msgid "" +"Always prompt the user for credentials. With this option credentials " +"requested by other PAM modules, typically a password, will be ignored and " +"pam_sss will prompt for credentials again. Based on the pre-auth reply by " +"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +msgid "The user account has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:200 -msgid "" -"Always prompt the user for credentials. With this option credentials " -"requested by other PAM modules, typically a password, will be ignored and " -"pam_sss will prompt for credentials again. Based on the pre-auth reply by " -"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " -"credentials." +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 +#: pam_sss.8.xml:414 msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:424 +msgid "Conversation failure." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6709,7 +7173,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6721,7 +7185,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7116,168 +7580,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7285,62 +7762,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7348,17 +7825,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7367,129 +7844,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7500,12 +7977,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7513,7 +7990,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7525,7 +8002,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7534,7 +8011,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7544,12 +8021,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7557,40 +8034,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7598,19 +8075,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7620,17 +8097,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7638,19 +8115,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7658,19 +8135,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7678,12 +8155,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7691,19 +8168,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7711,116 +8188,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7830,12 +8307,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7956,7 +8433,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7971,7 +8448,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7986,12 +8463,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8012,12 +8489,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8041,17 +8518,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8059,7 +8536,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8069,7 +8546,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8086,7 +8563,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8099,12 +8576,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8123,60 +8600,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8290,26 +8767,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8328,7 +8805,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8465,6 +8942,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8637,7 +9115,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8647,88 +9125,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8742,7 +9220,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8750,7 +9228,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8975,25 +9453,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9004,12 +9484,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9018,7 +9498,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9027,7 +9507,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9036,14 +9516,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9056,7 +9536,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9065,7 +9545,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9083,24 +9563,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9109,7 +9589,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9118,12 +9598,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9133,7 +9613,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9142,16 +9622,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9161,21 +9641,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9185,15 +9665,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9208,23 +9680,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9232,22 +9704,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9258,12 +9730,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9273,12 +9745,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9286,12 +9758,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9307,14 +9779,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9322,7 +9794,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9334,42 +9806,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9385,7 +9857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9393,7 +9865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9401,7 +9873,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9413,22 +9885,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9444,7 +9916,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9452,7 +9924,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9460,7 +9932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9472,22 +9944,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9502,14 +9974,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9517,7 +9989,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9529,23 +10001,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9561,14 +10033,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9576,7 +10048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9587,19 +10059,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9607,7 +10079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9619,29 +10091,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9649,12 +10121,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9667,57 +10139,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9725,17 +10197,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9745,12 +10217,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +#, fuzzy +#| msgid "debug_timestamps (bool)" +msgid "ad_use_ldaps (bool)" +msgstr "debug_timestamps (bool)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9761,19 +10265,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9783,12 +10287,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9796,7 +10300,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9811,7 +10315,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9820,7 +10324,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9828,7 +10332,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9838,7 +10342,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10880,7 +11384,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -13930,10 +14434,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_ccaches (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -13947,10 +14449,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_uid_ccaches (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -13961,17 +14461,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 3" msgid "Default: 64" -msgstr "Standaard: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "max_ccache_size (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -13982,10 +14478,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 3" msgid "Default: 65536" -msgstr "Standaard: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -15488,10 +15982,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:968 -#, fuzzy -#| msgid "SERVICES SECTIONS" msgid "SERVICE ATTRIBUTES" -msgstr "SERVICES SECTIE" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:972 @@ -15728,6 +16220,112 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +msgid "ldap_iphost_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: ipHost" +msgstr "Standaard: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "full_name_format (string)" +msgid "ldap_iphost_name (string)" +msgstr "full_name_format (tekst)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +msgid "ldap_iphost_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipHostNumber" +msgstr "Standaard: true" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +msgid "ldap_ipnetwork_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipNetwork" +msgstr "Standaard: true" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "full_name_format (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "full_name_format (tekst)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +msgid "ldap_ipnetwork_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipNetworkNumber" +msgstr "Standaard: true" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15874,8 +16472,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16532,40 +17130,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16847,7 +17452,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> diff --git a/src/man/po/pt.po b/src/man/po/pt.po index a7796f3b91..82cb43aaac 100644 --- a/src/man/po/pt.po +++ b/src/man/po/pt.po @@ -6,9 +6,9 @@ # Miguel Sousa <migueljorgesousa@sapo.pt>, 2011 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2014-12-15 12:05+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -314,10 +314,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -336,21 +336,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Padrão: false" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -374,8 +375,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Padrão: 10" @@ -390,7 +391,7 @@ msgid "The [sssd] section" msgstr "A seção [SSSD]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "Parâmetros de secção" @@ -474,7 +475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "re_expression (string)" @@ -494,12 +495,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "full_name_format (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -507,39 +508,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -548,16 +549,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 -#, fuzzy -#| msgid "try_inotify (boolean)" msgid "monitor_resolv_conf (boolean)" -msgstr "try_inotify (boolean)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 @@ -679,8 +678,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -789,10 +788,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 6" msgid "Default: sha256" -msgstr "Padrão: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -903,12 +900,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -992,8 +989,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1069,7 +1066,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "Padrão: 60" @@ -1129,8 +1126,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "Padrão: 300" @@ -1207,7 +1204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "Padrão: 50" @@ -1225,7 +1222,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "" @@ -1735,7 +1732,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1748,7 +1745,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1762,7 +1759,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1825,8 +1822,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "Padrão: none" @@ -1891,8 +1888,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1904,64 +1901,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1969,7 +1966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1981,63 +1978,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2045,12 +2042,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2061,15 +2058,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2077,7 +2074,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2085,13 +2082,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: none" +msgid "Default: no_session" +msgstr "Padrão: none" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2102,24 +2155,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2129,22 +2182,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2152,51 +2205,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2205,12 +2258,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2220,36 +2273,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2260,7 +2337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2271,24 +2348,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2296,12 +2373,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2310,24 +2387,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2337,66 +2414,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2404,17 +2481,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2422,7 +2499,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2430,22 +2507,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "SECÇÕES DE DOMÍNIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2454,14 +2531,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2470,38 +2547,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2510,24 +2587,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2536,29 +2613,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "Padrão: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2572,14 +2649,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2588,39 +2665,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2629,19 +2706,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2652,115 +2729,143 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "Padrão: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "entry_cache_timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "entry_cache_timeout (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "entry_cache_timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "entry_cache_timeout (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2769,42 +2874,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2812,24 +2929,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2838,17 +2955,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "Padrão: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2857,34 +2974,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "id_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2892,7 +3009,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2900,8 +3017,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2910,8 +3027,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2919,19 +3036,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2940,7 +3057,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2948,22 +3065,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2975,7 +3094,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2983,19 +3102,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "auth_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3003,7 +3122,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3011,35 +3130,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3047,19 +3166,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3068,7 +3187,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3076,29 +3195,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3106,7 +3225,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3114,35 +3233,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3150,32 +3269,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3186,7 +3305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3195,12 +3314,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3208,7 +3327,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3216,31 +3335,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3248,7 +3367,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3257,17 +3376,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3275,43 +3394,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3319,7 +3438,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3327,7 +3446,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3335,24 +3454,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3360,12 +3479,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "access_provider (string)" +msgid "resolver_provider (string)" +msgstr "access_provider (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3375,7 +3537,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3384,29 +3546,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3414,7 +3576,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3424,59 +3586,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Default: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "Default: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3485,77 +3647,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Padrão: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "override_gid (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3563,7 +3725,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3572,17 +3734,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3590,34 +3752,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3625,32 +3787,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3660,34 +3822,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3696,19 +3858,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3716,24 +3878,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3742,24 +3904,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3769,14 +3931,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3784,21 +3946,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3806,7 +3968,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3815,7 +3977,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3824,7 +3986,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3832,29 +3994,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3862,12 +4024,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +#, fuzzy +#| msgid "proxy_lib_name (string)" +msgid "proxy_resolver_lib_name (string)" +msgstr "proxy_lib_name (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3876,12 +4053,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3889,19 +4066,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3918,7 +4095,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3926,17 +4103,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3945,7 +4122,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3955,7 +4132,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3975,12 +4152,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "A secção de domínio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3988,73 +4165,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "default_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "Padrão: <filename>bash/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "base_directory (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "Padrão: <filename>/ home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "homedir_umask (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4062,17 +4239,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "Padrão: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "skel_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4081,17 +4258,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "Padrão: <filename>skel/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "mail_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4099,17 +4276,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "Padrão: <filename>mail/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "userdel_cmd (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4117,17 +4294,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "Padrão: None, nenhum comando é executado" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4138,69 +4315,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4213,7 +4390,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4221,7 +4398,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4230,55 +4407,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4287,17 +4464,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4305,26 +4482,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4333,17 +4510,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4353,7 +4530,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4362,59 +4539,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4422,14 +4599,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4437,7 +4614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4445,12 +4622,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4504,7 +4681,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4513,7 +4690,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4521,7 +4698,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4532,7 +4709,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4546,7 +4723,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4696,7 +4873,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "Exemplos:" @@ -4872,25 +5049,30 @@ msgstr "" msgid "Default: password" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4899,24 +5081,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4924,7 +5106,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4933,12 +5115,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4946,7 +5128,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4956,7 +5138,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4966,34 +5148,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5001,22 +5183,36 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +#, fuzzy +#| msgid "ldap_search_base (string)" +msgid "ldap_iphost_search_base (string)" +msgstr "ldap_search_base (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +#, fuzzy +#| msgid "ldap_netgroup_search_base (string)" +msgid "ldap_ipnetwork_search_base (string)" +msgstr "ldap_netgroup_search_base (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5024,7 +5220,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5032,12 +5228,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5045,12 +5241,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5061,12 +5257,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5075,12 +5271,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5089,34 +5285,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "reconnection_retries (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "reconnection_retries (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "Padrão: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5124,14 +5341,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5139,17 +5356,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5159,12 +5376,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5172,17 +5389,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +#, fuzzy +#| msgid "ldap_page_size (integer)" +msgid "ldap_sasl_maxssf (integer)" +msgstr "ldap_page_size (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5190,7 +5422,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5201,7 +5433,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5210,7 +5442,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5218,19 +5450,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5239,7 +5471,7 @@ msgstr "" "qualquer certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5247,7 +5479,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5255,7 +5487,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5263,41 +5495,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "Padrão: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5306,32 +5538,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5339,24 +5571,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5364,17 +5596,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5385,24 +5617,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5413,12 +5645,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5431,7 +5663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5443,17 +5675,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5461,50 +5693,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "Padrão: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Padrão: Sistema keytab, normalmente <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5512,28 +5744,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "Padrão: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5545,7 +5777,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5553,7 +5785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5561,39 +5793,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5603,7 +5835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5611,26 +5843,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5638,7 +5870,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5646,31 +5878,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5679,56 +5911,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5744,12 +5976,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5758,14 +5990,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5774,24 +6006,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5799,19 +6031,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5820,7 +6052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5828,7 +6060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5837,7 +6069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5845,22 +6077,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5870,14 +6102,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5890,12 +6122,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5905,7 +6137,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5915,63 +6147,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "Padrão: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5980,74 +6212,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "ldap_deref (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6058,7 +6290,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6066,24 +6298,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6100,12 +6332,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6113,36 +6345,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6150,14 +6382,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6167,101 +6399,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6270,59 +6502,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "OPÇÕES AVANÇADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6331,22 +6563,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6355,14 +6587,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6370,7 +6602,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6383,27 +6615,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6419,13 +6651,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6634,73 +6866,325 @@ msgid "<option>try_cert_auth</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 -msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "MÓDULOS TIPO FORNECIDOS" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +#, fuzzy +#| msgid "Unlock the user account." +msgid "The user account has expired." +msgstr "Desbloquear a conta de utilizador." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:414 +msgid "" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" -msgstr "MÓDULOS TIPO FORNECIDOS" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." +msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "FICHEIROS" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6708,7 +7192,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6720,7 +7204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7115,168 +7599,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7284,62 +7781,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7347,17 +7844,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7366,129 +7863,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7499,12 +7996,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7512,7 +8009,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7524,7 +8021,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7533,7 +8030,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7543,12 +8040,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7556,40 +8053,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7597,19 +8094,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7619,17 +8116,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7637,19 +8134,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7657,19 +8154,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7677,12 +8174,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7690,19 +8187,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7710,116 +8207,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7829,12 +8326,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7955,7 +8452,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7970,7 +8467,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7985,12 +8482,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8011,12 +8508,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8040,17 +8537,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8058,7 +8555,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8068,7 +8565,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8085,7 +8582,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8098,12 +8595,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8122,60 +8619,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8289,26 +8786,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8327,7 +8824,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8464,6 +8961,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "Padrão: NC" @@ -8636,7 +9134,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8646,88 +9144,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8741,7 +9239,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8749,7 +9247,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8974,25 +9472,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -9003,12 +9503,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -9017,7 +9517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -9026,7 +9526,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -9035,14 +9535,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9055,7 +9555,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9064,7 +9564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9082,24 +9582,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9108,7 +9608,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9117,12 +9617,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9132,7 +9632,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9141,16 +9641,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9160,21 +9660,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9184,15 +9684,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9207,23 +9699,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9231,22 +9723,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9257,12 +9749,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9272,12 +9764,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9285,12 +9777,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9306,14 +9798,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9321,7 +9813,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9333,42 +9825,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9384,7 +9876,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9392,7 +9884,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9400,7 +9892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9412,22 +9904,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9443,7 +9935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9451,7 +9943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9459,7 +9951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9471,22 +9963,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9501,14 +9993,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9516,7 +10008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9528,23 +10020,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9560,14 +10052,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9575,7 +10067,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9586,19 +10078,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9606,7 +10098,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9618,29 +10110,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9648,12 +10140,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9666,57 +10158,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9724,17 +10216,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9744,12 +10236,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +#, fuzzy +#| msgid "ldap_id_use_start_tls (boolean)" +msgid "ad_use_ldaps (bool)" +msgstr "ldap_id_use_start_tls (boolean)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9760,19 +10284,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9782,12 +10306,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9795,7 +10319,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9810,7 +10334,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9819,7 +10343,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9827,7 +10351,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9837,7 +10361,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10889,7 +11413,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -13949,10 +14473,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "ldap_page_size (integer)" msgid "max_ccaches (integer)" -msgstr "ldap_page_size (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -13966,10 +14488,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "min_id,max_id (integer)" msgid "max_uid_ccaches (integer)" -msgstr "min_id,max_id (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -13980,17 +14500,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 64" -msgstr "Padrão: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "ldap_page_size (integer)" msgid "max_ccache_size (integer)" -msgstr "ldap_page_size (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -14001,10 +14517,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 65536" -msgstr "Padrão: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -14479,10 +14993,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:439 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_perf.stp" -msgstr "ldap_deref (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:442 @@ -14501,10 +15013,8 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap-attributes.5.xml:10 sssd-ldap-attributes.5.xml:16 -#, fuzzy -#| msgid "sssd-ldap" msgid "sssd-ldap-attributes" -msgstr "sssd-ldap" +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap-attributes.5.xml:17 @@ -15296,10 +15806,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:742 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_type (string)" -msgstr "ldap_group_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:745 @@ -15751,6 +16259,120 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +#, fuzzy +#| msgid "ldap_search_base (string)" +msgid "ldap_iphost_object_class (string)" +msgstr "ldap_search_base (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: host" +msgid "Default: ipHost" +msgstr "Padrão: host" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "ipa_hostname (string)" +msgid "ldap_iphost_name (string)" +msgstr "ipa_hostname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +#, fuzzy +#| msgid "ipa_hostname (string)" +msgid "ldap_iphost_number (string)" +msgstr "ipa_hostname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: filter" +msgid "Default: ipHostNumber" +msgstr "Padrão: filter" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +#, fuzzy +#| msgid "ldap_netgroup_search_base (string)" +msgid "ldap_ipnetwork_object_class (string)" +msgstr "ldap_netgroup_search_base (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: filter" +msgid "Default: ipNetwork" +msgstr "Padrão: filter" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "ldap_user_fullname (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "ldap_user_fullname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +#, fuzzy +#| msgid "ldap_user_fullname (string)" +msgid "ldap_ipnetwork_number (string)" +msgstr "ldap_user_fullname (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: filter" +msgid "Default: ipNetworkNumber" +msgstr "Padrão: filter" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15897,8 +16519,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -15998,10 +16620,8 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 -#, fuzzy -#| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout" -msgstr "dns_resolver_timeout (integer)" +msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 @@ -16557,40 +17177,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16872,8 +17499,10 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" -msgstr "" +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_mech = GSS-SPNEGO" +msgstr "ldap_sasl_mech (string)" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:48 @@ -17029,6 +17658,3 @@ msgstr "" #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" - -#~ msgid "Default: homeDirectory" -#~ msgstr "Padrão: homeDirectory" diff --git a/src/man/po/pt_BR.po b/src/man/po/pt_BR.po index 368e3becac..eff69d8f51 100644 --- a/src/man/po/pt_BR.po +++ b/src/man/po/pt_BR.po @@ -2,9 +2,9 @@ # Rodrigo de Araujo Sousa Fonseca <rodrigodearaujo@fedoraproject.org>, 2017. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2017-01-29 10:11+0000\n" "Last-Translator: Rodrigo de Araujo Sousa Fonseca " "<rodrigodearaujo@fedoraproject.org>\n" @@ -290,10 +290,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -312,21 +312,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -350,8 +351,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -366,7 +367,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "" @@ -446,7 +447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "" @@ -466,12 +467,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -479,39 +480,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -520,7 +521,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" @@ -649,8 +650,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -871,12 +872,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -960,8 +961,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1037,7 +1038,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1097,8 +1098,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1175,7 +1176,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "" @@ -1193,7 +1194,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "" @@ -1703,7 +1704,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1716,7 +1717,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1730,7 +1731,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1793,8 +1794,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1859,8 +1860,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1872,64 +1873,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1937,7 +1938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1949,63 +1950,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2013,12 +2014,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2029,15 +2030,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2045,7 +2046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2053,13 +2054,67 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +msgid "Default: no_session" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2070,24 +2125,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2097,22 +2152,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2120,51 +2175,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2173,12 +2228,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2188,36 +2243,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2228,7 +2307,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2239,24 +2318,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2264,12 +2343,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2278,24 +2357,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2305,66 +2384,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2372,17 +2451,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2390,7 +2469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2398,22 +2477,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2422,14 +2501,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2438,38 +2517,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2478,24 +2557,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2504,29 +2583,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2540,14 +2619,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2556,39 +2635,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2597,19 +2676,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2620,115 +2699,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +msgid "entry_cache_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +msgid "entry_cache_computer_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2737,42 +2840,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2780,24 +2895,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2806,17 +2921,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2825,34 +2940,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2860,7 +2975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2868,8 +2983,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2878,8 +2993,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2887,19 +3002,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2908,7 +3023,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2916,22 +3031,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2943,7 +3060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2951,19 +3068,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2971,7 +3088,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2979,35 +3096,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3015,19 +3132,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3036,7 +3153,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3044,29 +3161,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3074,7 +3191,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3082,35 +3199,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3118,32 +3235,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3154,7 +3271,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3163,12 +3280,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3176,7 +3293,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3184,31 +3301,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3216,7 +3333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3225,17 +3342,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3243,43 +3360,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3287,7 +3404,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3295,7 +3412,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3303,24 +3420,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3328,12 +3445,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +msgid "resolver_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3343,7 +3501,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3352,29 +3510,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3382,7 +3540,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3392,59 +3550,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3453,77 +3611,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3531,7 +3689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3540,17 +3698,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3558,34 +3716,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3593,32 +3751,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3628,34 +3786,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3664,19 +3822,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3684,24 +3842,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3710,24 +3868,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3737,14 +3895,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3752,21 +3910,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3774,7 +3932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3783,7 +3941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3792,7 +3950,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3800,29 +3958,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3830,12 +3988,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3844,12 +4015,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3857,19 +4028,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3886,7 +4057,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3894,17 +4065,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3913,7 +4084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3923,7 +4094,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3943,12 +4114,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3956,73 +4127,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4030,17 +4201,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4049,17 +4220,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4067,17 +4238,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4085,17 +4256,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4106,69 +4277,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4181,7 +4352,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4189,7 +4360,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4198,55 +4369,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4255,17 +4426,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4273,26 +4444,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4301,17 +4472,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4321,7 +4492,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4330,59 +4501,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4390,14 +4561,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4405,7 +4576,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4413,12 +4584,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4448,7 +4619,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4457,7 +4628,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4465,7 +4636,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4476,7 +4647,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4490,7 +4661,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4640,7 +4811,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -4812,25 +4983,30 @@ msgstr "" msgid "Default: password" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4839,24 +5015,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4864,7 +5040,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4873,12 +5049,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4886,7 +5062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4896,7 +5072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4906,34 +5082,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -4941,22 +5117,32 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +msgid "ldap_iphost_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +msgid "ldap_ipnetwork_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4964,7 +5150,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4972,12 +5158,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4985,12 +5171,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5001,12 +5187,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5015,12 +5201,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5029,34 +5215,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 -msgid "Default: 900 (15 minutes)" +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 +msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +msgid "ldap_connection_expire_offset (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5064,14 +5269,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5079,17 +5284,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5099,12 +5304,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5112,17 +5317,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +msgid "ldap_sasl_maxssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5130,7 +5348,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5141,7 +5359,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5150,7 +5368,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5158,26 +5376,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5185,7 +5403,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5193,7 +5411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5201,41 +5419,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5244,32 +5462,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5277,24 +5495,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5302,17 +5520,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5323,24 +5541,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5351,12 +5569,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5369,7 +5587,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5381,17 +5599,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5399,49 +5617,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5449,28 +5667,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5482,7 +5700,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5490,7 +5708,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5498,39 +5716,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5540,7 +5758,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5548,26 +5766,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5575,7 +5793,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5583,31 +5801,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5616,56 +5834,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5681,12 +5899,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5695,14 +5913,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5711,24 +5929,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5736,19 +5954,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5757,7 +5975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5765,7 +5983,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5774,7 +5992,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5782,22 +6000,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5807,14 +6025,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5827,12 +6045,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5842,7 +6060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5852,63 +6070,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5917,74 +6135,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5995,7 +6213,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6003,24 +6221,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6037,12 +6255,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6050,36 +6268,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6087,14 +6305,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6104,101 +6322,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6207,59 +6425,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6268,22 +6486,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6292,14 +6510,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6307,7 +6525,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6320,27 +6538,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6356,13 +6574,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6502,142 +6720,392 @@ msgid "<option>domains</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:152 -msgid "" -"Allows the administrator to restrict the domains a particular PAM service is " -"allowed to authenticate against. The format is a comma-separated list of " -"SSSD domain names, as specified in the sssd.conf file." +#: pam_sss.8.xml:152 +msgid "" +"Allows the administrator to restrict the domains a particular PAM service is " +"allowed to authenticate against. The format is a comma-separated list of " +"SSSD domain names, as specified in the sssd.conf file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:158 +msgid "" +"NOTE: Must be used in conjunction with the <quote>pam_trusted_users</quote> " +"and <quote>pam_public_domains</quote> options. Please see the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> manual page for more information on these two PAM " +"responder options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:172 +msgid "<option>allow_missing_name</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:176 +msgid "" +"The main purpose of this option is to let SSSD determine the user name based " +"on additional information, e.g. the certificate from a Smartcard." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> +#: pam_sss.8.xml:186 +#, no-wrap +msgid "" +"auth sufficient pam_sss.so allow_missing_name\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:181 +msgid "" +"The current use case are login managers which can monitor a Smartcard reader " +"for card events. In case a Smartcard is inserted the login manager will call " +"a PAM stack which includes a line like <placeholder type=\"programlisting\" " +"id=\"0\"/> In this case SSSD will try to determine the user name based on " +"the content of the Smartcard, returns it to pam_sss which will finally put " +"it on the PAM stack." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:196 +msgid "<option>prompt_always</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:200 +msgid "" +"Always prompt the user for credentials. With this option credentials " +"requested by other PAM modules, typically a password, will be ignored and " +"pam_sss will prompt for credentials again. Based on the pre-auth reply by " +"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:158 -msgid "" -"NOTE: Must be used in conjunction with the <quote>pam_trusted_users</quote> " -"and <quote>pam_public_domains</quote> options. Please see the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more information on these two PAM " -"responder options." +#: pam_sss.8.xml:390 +msgid "The user account has expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:172 -msgid "<option>allow_missing_name</option>" +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:176 -msgid "" -"The main purpose of this option is to let SSSD determine the user name based " -"on additional information, e.g. the certificate from a Smartcard." +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> -#: pam_sss.8.xml:186 -#, no-wrap -msgid "" -"auth sufficient pam_sss.so allow_missing_name\n" -" " +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:181 -msgid "" -"The current use case are login managers which can monitor a Smartcard reader " -"for card events. In case a Smartcard is inserted the login manager will call " -"a PAM stack which includes a line like <placeholder type=\"programlisting\" " -"id=\"0\"/> In this case SSSD will try to determine the user name based on " -"the content of the Smartcard, returns it to pam_sss which will finally put " -"it on the PAM stack." +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:196 -msgid "<option>prompt_always</option>" +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:200 +#: pam_sss.8.xml:414 msgid "" -"Always prompt the user for credentials. With this option credentials " -"requested by other PAM modules, typically a password, will be ignored and " -"pam_sss will prompt for credentials again. Based on the pre-auth reply by " -"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " -"credentials." +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 -msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6645,7 +7113,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6657,7 +7125,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7052,168 +7520,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7221,62 +7702,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7284,17 +7765,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7303,129 +7784,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7436,12 +7917,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7449,7 +7930,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7461,7 +7942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7470,7 +7951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7480,12 +7961,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7493,40 +7974,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7534,19 +8015,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7556,17 +8037,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7574,19 +8055,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7594,19 +8075,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7614,12 +8095,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7627,19 +8108,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7647,116 +8128,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7766,12 +8247,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7892,7 +8373,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7907,7 +8388,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7922,12 +8403,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -7948,12 +8429,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -7977,17 +8458,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -7995,7 +8476,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8005,7 +8486,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8022,7 +8503,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8035,12 +8516,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8059,60 +8540,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8226,26 +8707,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8264,7 +8745,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8401,6 +8882,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8573,7 +9055,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8583,88 +9065,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8678,7 +9160,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8686,7 +9168,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8911,25 +9393,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8940,12 +9424,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -8954,7 +9438,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -8963,7 +9447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -8972,14 +9456,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -8992,7 +9476,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9001,7 +9485,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9019,24 +9503,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9045,7 +9529,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9054,12 +9538,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9069,7 +9553,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9078,16 +9562,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9097,21 +9581,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9121,15 +9605,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9144,23 +9620,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9168,22 +9644,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9194,12 +9670,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9209,12 +9685,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9222,12 +9698,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9243,14 +9719,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9258,7 +9734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9270,42 +9746,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9321,7 +9797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9329,7 +9805,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9337,7 +9813,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9349,22 +9825,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9380,7 +9856,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9388,7 +9864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9396,7 +9872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9408,22 +9884,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9438,14 +9914,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9453,7 +9929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9465,23 +9941,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9497,14 +9973,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9512,7 +9988,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9523,19 +9999,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9543,7 +10019,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9555,29 +10031,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9585,12 +10061,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9603,57 +10079,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9661,17 +10137,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9681,12 +10157,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +msgid "ad_use_ldaps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9697,19 +10203,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9719,12 +10225,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9732,7 +10238,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9747,7 +10253,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9756,7 +10262,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9764,7 +10270,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9774,7 +10280,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10816,7 +11322,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -15652,6 +16158,100 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +msgid "ldap_iphost_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +msgid "Default: ipHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +msgid "ldap_iphost_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +msgid "ldap_iphost_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +msgid "Default: ipHostNumber" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +msgid "ldap_ipnetwork_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +msgid "Default: ipNetwork" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +msgid "ldap_ipnetwork_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +msgid "ldap_ipnetwork_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +msgid "Default: ipNetworkNumber" +msgstr "" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15798,8 +16398,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16456,40 +17056,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16771,7 +17378,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> diff --git a/src/man/po/ru.po b/src/man/po/ru.po index 2325daba0d..a5ba21e6f2 100644 --- a/src/man/po/ru.po +++ b/src/man/po/ru.po @@ -6,9 +6,9 @@ # Artyom Kunyov <artkun@guitarplayer.ru>, 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2014-12-15 12:07+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/" @@ -295,10 +295,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -317,21 +317,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "По умолчанию: false" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -355,8 +356,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "По умолчанию: 10" @@ -371,7 +372,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "" @@ -451,7 +452,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "" @@ -471,12 +472,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -484,39 +485,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -525,7 +526,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" @@ -654,8 +655,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -764,10 +765,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 5" msgid "Default: sha256" -msgstr "По умолчанию: 5" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -878,12 +877,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -967,8 +966,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1044,7 +1043,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1104,8 +1103,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1182,7 +1181,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "" @@ -1200,7 +1199,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "По умолчанию: 15" @@ -1710,7 +1709,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1723,7 +1722,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1737,7 +1736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1800,8 +1799,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1866,8 +1865,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1879,64 +1878,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1944,7 +1943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1956,63 +1955,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2020,12 +2019,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2036,15 +2035,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2052,7 +2051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2060,13 +2059,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: posixAccount" +msgid "Default: no_session" +msgstr "По умолчанию: posixAccount" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2077,24 +2132,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2104,22 +2159,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2127,51 +2182,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2180,12 +2235,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2195,36 +2250,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2235,7 +2314,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2246,24 +2325,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2271,12 +2350,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2285,24 +2364,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2312,66 +2391,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2379,17 +2458,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2397,7 +2476,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2405,22 +2484,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2429,14 +2508,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2445,38 +2524,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2485,24 +2564,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2511,29 +2590,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "По умолчанию: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2547,14 +2626,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2563,39 +2642,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2604,19 +2683,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2627,115 +2706,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +msgid "entry_cache_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +msgid "entry_cache_computer_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2744,42 +2847,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2787,24 +2902,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2813,17 +2928,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2832,34 +2947,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2867,7 +2982,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2875,8 +2990,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2885,8 +3000,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2894,19 +3009,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2915,7 +3030,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2923,22 +3038,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2950,7 +3067,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2958,19 +3075,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2978,7 +3095,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2986,35 +3103,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3022,19 +3139,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3043,7 +3160,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3051,29 +3168,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3081,7 +3198,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3089,35 +3206,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3125,32 +3242,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3161,7 +3278,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3170,12 +3287,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3183,7 +3300,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3191,31 +3308,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3223,7 +3340,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3232,17 +3349,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3250,43 +3367,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3294,7 +3411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3302,7 +3419,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3310,24 +3427,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3335,12 +3452,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +msgid "resolver_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3350,7 +3508,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3359,29 +3517,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3389,7 +3547,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3399,59 +3557,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "По умолчанию: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "Поддерживаемые значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3460,77 +3618,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "По умолчанию: использовать доменное имя из hostname" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3538,7 +3696,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3547,17 +3705,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3565,34 +3723,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3600,32 +3758,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3635,34 +3793,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3671,19 +3829,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3691,24 +3849,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3717,24 +3875,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3744,14 +3902,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3759,21 +3917,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3781,7 +3939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3790,7 +3948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3799,7 +3957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3807,29 +3965,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3837,12 +3995,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3851,12 +4022,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3864,19 +4035,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3893,7 +4064,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3901,17 +4072,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3920,7 +4091,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3930,7 +4101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3950,12 +4121,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3963,73 +4134,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "По умолчанию: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "По умолчанию: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4037,17 +4208,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "По умолчанию: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4056,17 +4227,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "По умолчанию: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4074,17 +4245,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "По умолчанию: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4092,17 +4263,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4113,69 +4284,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4188,7 +4359,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4196,7 +4367,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4205,55 +4376,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4262,17 +4433,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4280,26 +4451,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4308,17 +4479,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4328,7 +4499,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4337,59 +4508,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4397,14 +4568,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4412,7 +4583,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4420,12 +4591,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4455,7 +4626,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4464,7 +4635,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4472,7 +4643,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4483,7 +4654,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4497,7 +4668,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4647,7 +4818,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -4819,25 +4990,30 @@ msgstr "" msgid "Default: password" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4846,24 +5022,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4871,7 +5047,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4880,12 +5056,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4893,7 +5069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4903,7 +5079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4913,34 +5089,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -4948,30 +5124,40 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 -msgid "ldap_search_timeout (integer)" +#: sssd-ldap.5.xml:428 +msgid "ldap_iphost_search_base (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +msgid "ldap_ipnetwork_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 +msgid "ldap_search_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:441 +msgid "" +"Specifies the timeout (in seconds) that ldap searches are allowed to run " +"before they are cancelled and cached results are returned (and offline mode " "is entered)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4979,12 +5165,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4992,12 +5178,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5008,12 +5194,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5022,12 +5208,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5036,34 +5222,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "reconnection_retries (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "попыток_соединения (целое число)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5071,14 +5278,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5086,17 +5293,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5106,12 +5313,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5119,17 +5326,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +msgid "ldap_sasl_maxssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5137,7 +5357,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5148,7 +5368,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5157,7 +5377,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5165,26 +5385,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5192,7 +5412,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5200,7 +5420,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5208,41 +5428,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5251,32 +5471,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5284,24 +5504,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5309,17 +5529,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5330,24 +5550,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5358,12 +5578,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5376,7 +5596,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5388,17 +5608,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5406,49 +5626,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5456,28 +5676,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5489,7 +5709,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5497,7 +5717,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5505,39 +5725,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5547,7 +5767,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5555,26 +5775,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5582,7 +5802,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5590,31 +5810,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5623,56 +5843,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5688,12 +5908,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5702,14 +5922,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5718,24 +5938,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5743,19 +5963,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5764,7 +5984,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5772,7 +5992,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5781,7 +6001,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5789,22 +6009,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5814,14 +6034,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5834,12 +6054,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5849,7 +6069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5859,63 +6079,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5924,74 +6144,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6002,7 +6222,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6010,24 +6230,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6044,12 +6264,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6057,36 +6277,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6094,14 +6314,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6111,101 +6331,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6214,59 +6434,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6275,22 +6495,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6299,14 +6519,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "ПРИМЕР" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6314,7 +6534,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6327,27 +6547,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6363,13 +6583,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6527,124 +6747,374 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:172 -msgid "<option>allow_missing_name</option>" +#: pam_sss.8.xml:172 +msgid "<option>allow_missing_name</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:176 +msgid "" +"The main purpose of this option is to let SSSD determine the user name based " +"on additional information, e.g. the certificate from a Smartcard." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> +#: pam_sss.8.xml:186 +#, no-wrap +msgid "" +"auth sufficient pam_sss.so allow_missing_name\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:181 +msgid "" +"The current use case are login managers which can monitor a Smartcard reader " +"for card events. In case a Smartcard is inserted the login manager will call " +"a PAM stack which includes a line like <placeholder type=\"programlisting\" " +"id=\"0\"/> In this case SSSD will try to determine the user name based on " +"the content of the Smartcard, returns it to pam_sss which will finally put " +"it on the PAM stack." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:196 +msgid "<option>prompt_always</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:200 +msgid "" +"Always prompt the user for credentials. With this option credentials " +"requested by other PAM modules, typically a password, will be ignored and " +"pam_sss will prompt for credentials again. Based on the pre-auth reply by " +"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:176 -msgid "" -"The main purpose of this option is to let SSSD determine the user name based " -"on additional information, e.g. the certificate from a Smartcard." +#: pam_sss.8.xml:390 +msgid "The user account has expired." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> -#: pam_sss.8.xml:186 -#, no-wrap -msgid "" -"auth sufficient pam_sss.so allow_missing_name\n" -" " +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:181 -msgid "" -"The current use case are login managers which can monitor a Smartcard reader " -"for card events. In case a Smartcard is inserted the login manager will call " -"a PAM stack which includes a line like <placeholder type=\"programlisting\" " -"id=\"0\"/> In this case SSSD will try to determine the user name based on " -"the content of the Smartcard, returns it to pam_sss which will finally put " -"it on the PAM stack." +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:196 -msgid "<option>prompt_always</option>" +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:200 -msgid "" -"Always prompt the user for credentials. With this option credentials " -"requested by other PAM modules, typically a password, will be ignored and " -"pam_sss will prompt for credentials again. Based on the pre-auth reply by " -"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " -"credentials." +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 +#: pam_sss.8.xml:414 msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:424 +msgid "Conversation failure." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6652,7 +7122,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6664,7 +7134,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7059,168 +7529,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7228,62 +7711,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7291,17 +7774,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7310,129 +7793,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7443,12 +7926,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7456,7 +7939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7468,7 +7951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7477,7 +7960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7487,12 +7970,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7500,40 +7983,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7541,19 +8024,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7563,17 +8046,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7581,19 +8064,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7601,19 +8084,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7621,12 +8104,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7634,19 +8117,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7654,116 +8137,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7773,12 +8256,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7899,7 +8382,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7914,7 +8397,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7929,12 +8412,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -7955,12 +8438,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -7984,17 +8467,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8002,7 +8485,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8012,7 +8495,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8029,7 +8512,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8042,12 +8525,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8066,60 +8549,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8233,26 +8716,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8271,7 +8754,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8408,6 +8891,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8580,7 +9064,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8590,88 +9074,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8685,7 +9169,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8693,7 +9177,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8918,25 +9402,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8947,12 +9433,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -8961,7 +9447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -8970,7 +9456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -8979,14 +9465,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -8999,7 +9485,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9008,7 +9494,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9026,24 +9512,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9052,7 +9538,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9061,12 +9547,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9076,7 +9562,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9085,16 +9571,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9104,21 +9590,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9128,15 +9614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9151,23 +9629,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9175,22 +9653,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9201,12 +9679,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9216,12 +9694,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9229,12 +9707,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9250,14 +9728,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9265,7 +9743,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9277,42 +9755,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9328,7 +9806,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9336,7 +9814,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9344,7 +9822,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9356,22 +9834,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9387,7 +9865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9395,7 +9873,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9403,7 +9881,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9415,22 +9893,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9445,14 +9923,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9460,7 +9938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9472,23 +9950,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9504,14 +9982,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9519,7 +9997,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9530,19 +10008,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9550,7 +10028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9562,29 +10040,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9592,12 +10070,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9610,57 +10088,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9668,17 +10146,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9688,12 +10166,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +msgid "ad_use_ldaps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9704,19 +10212,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9726,12 +10234,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9739,7 +10247,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9754,7 +10262,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9763,7 +10271,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9771,7 +10279,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9781,7 +10289,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10823,7 +11331,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -13900,10 +14408,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 3" msgid "Default: 64" -msgstr "По умолчанию: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 @@ -13919,10 +14425,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 3" msgid "Default: 65536" -msgstr "По умолчанию: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -15663,6 +16167,106 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +msgid "ldap_iphost_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: root" +msgid "Default: ipHost" +msgstr "По умолчанию: root" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +msgid "ldap_iphost_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +msgid "ldap_iphost_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: root" +msgid "Default: ipHostNumber" +msgstr "По умолчанию: root" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +msgid "ldap_ipnetwork_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: ipNetwork" +msgstr "По умолчанию: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +msgid "ldap_ipnetwork_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +msgid "ldap_ipnetwork_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +msgid "Default: ipNetworkNumber" +msgstr "" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15809,8 +16413,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16467,40 +17071,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16782,7 +17393,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> @@ -16939,6 +17550,3 @@ msgstr "" #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" - -#~ msgid "Default: homeDirectory" -#~ msgstr "По умолчанию: homeDirectory" diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index fac55fd725..408cd253a7 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.2.3\n" +"Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:29+0100\n" +"POT-Creation-Date: 2020-05-19 12:09+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -254,7 +254,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -271,12 +271,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 +#: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 include/autofs_attributes.xml:1 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -299,7 +299,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -314,7 +314,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "" @@ -395,7 +395,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "" @@ -415,12 +415,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " @@ -429,39 +429,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -470,7 +470,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" @@ -599,7 +599,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:959 include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:959 include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -814,12 +814,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -903,7 +903,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -978,7 +978,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1038,7 +1038,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1116,7 +1116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "" @@ -1134,7 +1134,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "" @@ -1644,7 +1644,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1657,7 +1657,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be " @@ -1672,7 +1672,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1733,7 +1733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1798,7 +1798,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1809,64 +1809,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1874,7 +1874,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1886,62 +1886,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -1949,12 +1949,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -1965,15 +1965,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -1981,7 +1981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -1989,13 +1989,66 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder " +"type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +msgid "Default: no_session" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> " @@ -2007,24 +2060,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2035,22 +2088,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2058,51 +2111,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2112,12 +2165,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2127,36 +2180,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 +msgid "" +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2167,7 +2244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2178,24 +2255,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2203,12 +2280,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2217,24 +2294,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> " @@ -2245,66 +2322,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording " "enabled. Matches user names as returned by NSS. I.e. after the possible " @@ -2312,17 +2389,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2330,7 +2407,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2338,22 +2415,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2362,14 +2439,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2378,38 +2455,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -2418,24 +2495,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2444,29 +2521,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2480,14 +2557,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2496,39 +2573,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2537,19 +2614,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2560,113 +2637,137 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +msgid "entry_cache_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +msgid "entry_cache_computer_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2675,42 +2776,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2718,24 +2831,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2744,17 +2857,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2763,34 +2876,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> " "<refentrytitle>sssd-files</refentrytitle> <manvolnum>5</manvolnum> " @@ -2799,7 +2912,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2807,7 +2920,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2816,7 +2929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -2824,19 +2937,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2845,7 +2958,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2853,22 +2966,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2880,7 +2995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2888,19 +3003,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2908,7 +3023,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -2916,34 +3031,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2951,19 +3066,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -2972,7 +3087,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> " @@ -2981,29 +3096,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -3012,7 +3127,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -3020,34 +3135,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3055,31 +3170,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3090,7 +3205,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3099,12 +3214,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3112,7 +3227,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3121,31 +3236,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3154,7 +3269,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3163,17 +3278,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3181,41 +3296,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3223,7 +3338,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> " @@ -3231,7 +3346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -3239,24 +3354,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3265,12 +3380,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +msgid "resolver_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " +"LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " +"the AD provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3280,7 +3437,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: " "<quote>(((?P<domain>[^\\\\]+)\\\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\\\]+)$))</quote> " @@ -3288,29 +3445,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3318,7 +3475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3328,59 +3485,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is " @@ -3389,76 +3546,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3466,7 +3623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase " "condition=\"enable_local_provider\"> At the moment, this option is not " @@ -3475,17 +3632,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3493,34 +3650,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3528,32 +3685,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3563,32 +3720,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3597,19 +3754,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3617,24 +3774,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3643,24 +3800,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3670,14 +3827,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3685,21 +3842,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3707,7 +3864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3716,7 +3873,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3725,7 +3882,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " @@ -3734,29 +3891,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3764,12 +3921,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3778,12 +3948,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3791,19 +3961,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> " "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> " @@ -3821,7 +3991,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3829,17 +3999,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3848,7 +4018,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3858,7 +4028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3878,12 +4048,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3891,73 +4061,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3965,17 +4135,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3984,17 +4154,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4002,17 +4172,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4020,17 +4190,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called " @@ -4041,69 +4211,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4117,7 +4287,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4125,7 +4295,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like " @@ -4134,55 +4304,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4191,17 +4361,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4209,26 +4379,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like " @@ -4237,17 +4407,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file " "(<filename>/var/lib/sss/pubconf/pam_preauth_available</filename>) exists " @@ -4257,7 +4427,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4266,59 +4436,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4326,14 +4496,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -4342,7 +4512,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, " "e.g. <quote>[prompting/password/sshd]</quote> to individual change the " @@ -4350,12 +4520,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4385,7 +4555,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4394,7 +4564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4402,7 +4572,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4413,7 +4583,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4428,7 +4598,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4577,7 +4747,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -4748,25 +4918,30 @@ msgstr "" msgid "Default: password" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4775,24 +4950,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4800,7 +4975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4809,12 +4984,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups " "(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD " @@ -4822,7 +4997,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4832,7 +5007,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4842,56 +5017,66 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +msgid "ldap_iphost_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +msgid "ldap_ipnetwork_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4899,7 +5084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4907,12 +5092,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4920,12 +5105,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " @@ -4936,12 +5121,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4950,12 +5135,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4964,34 +5149,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +msgid "ldap_connection_expire_offset (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single " "request. Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4999,7 +5203,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use " @@ -5007,7 +5211,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5015,17 +5219,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5035,12 +5239,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5048,17 +5252,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +msgid "ldap_sasl_maxssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5066,7 +5283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to " "0. Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5077,7 +5294,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5086,7 +5303,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5094,26 +5311,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5121,7 +5338,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5129,7 +5346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5137,41 +5354,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in " "<filename>/etc/openldap/ldap.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5180,32 +5397,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5213,24 +5430,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5238,17 +5455,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5259,24 +5476,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5287,12 +5504,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5305,7 +5522,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5317,17 +5534,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5335,49 +5552,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5385,29 +5602,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is " "used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of " @@ -5419,7 +5636,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5427,7 +5644,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of " "SSSD. While the legacy name is recognized for the time being, users are " @@ -5436,39 +5653,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5478,7 +5695,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> " "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> " @@ -5487,26 +5704,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client " "side. The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use " "<citerefentry><refentrytitle>shadow</refentrytitle> " @@ -5515,7 +5732,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5523,31 +5740,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5556,56 +5773,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5622,12 +5839,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5636,14 +5853,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5652,24 +5869,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5677,19 +5894,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5698,7 +5915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " "<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " @@ -5706,7 +5923,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5715,7 +5932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>expire</quote> in order for the " @@ -5723,22 +5940,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5748,7 +5965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the " "<quote>ppolicy</quote> option and might be removed in a future release. " @@ -5756,7 +5973,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5769,12 +5986,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5784,7 +6001,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5794,38 +6011,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control " @@ -5833,24 +6050,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5859,74 +6076,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5937,7 +6154,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -5945,24 +6162,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -5979,12 +6196,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -5992,36 +6209,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval " "</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6029,14 +6246,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6046,100 +6263,100 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is " "<emphasis>false</emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6148,59 +6365,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6209,22 +6426,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6233,12 +6450,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 sssd-files.5.xml:130 sssd-session-recording.5.xml:144 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6246,7 +6463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6259,24 +6476,24 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6292,12 +6509,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6439,142 +6656,392 @@ msgid "<option>domains</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:152 -msgid "" -"Allows the administrator to restrict the domains a particular PAM service is " -"allowed to authenticate against. The format is a comma-separated list of " -"SSSD domain names, as specified in the sssd.conf file." +#: pam_sss.8.xml:152 +msgid "" +"Allows the administrator to restrict the domains a particular PAM service is " +"allowed to authenticate against. The format is a comma-separated list of " +"SSSD domain names, as specified in the sssd.conf file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:158 +msgid "" +"NOTE: Must be used in conjunction with the <quote>pam_trusted_users</quote> " +"and <quote>pam_public_domains</quote> options. Please see the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page for more information on " +"these two PAM responder options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:172 +msgid "<option>allow_missing_name</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:176 +msgid "" +"The main purpose of this option is to let SSSD determine the user name based " +"on additional information, e.g. the certificate from a Smartcard." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> +#: pam_sss.8.xml:186 +#, no-wrap +msgid "" +"auth sufficient pam_sss.so allow_missing_name\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:181 +msgid "" +"The current use case are login managers which can monitor a Smartcard reader " +"for card events. In case a Smartcard is inserted the login manager will call " +"a PAM stack which includes a line like <placeholder type=\"programlisting\" " +"id=\"0\"/> In this case SSSD will try to determine the user name based on " +"the content of the Smartcard, returns it to pam_sss which will finally put " +"it on the PAM stack." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:196 +msgid "<option>prompt_always</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:200 +msgid "" +"Always prompt the user for credentials. With this option credentials " +"requested by other PAM modules, typically a password, will be ignored and " +"pam_sss will prompt for credentials again. Based on the pre-auth reply by " +"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:158 -msgid "" -"NOTE: Must be used in conjunction with the <quote>pam_trusted_users</quote> " -"and <quote>pam_public_domains</quote> options. Please see the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page for more information on " -"these two PAM responder options." +#: pam_sss.8.xml:390 +msgid "The user account has expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:172 -msgid "<option>allow_missing_name</option>" +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:176 -msgid "" -"The main purpose of this option is to let SSSD determine the user name based " -"on additional information, e.g. the certificate from a Smartcard." +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> -#: pam_sss.8.xml:186 -#, no-wrap -msgid "" -"auth sufficient pam_sss.so allow_missing_name\n" -" " +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:181 -msgid "" -"The current use case are login managers which can monitor a Smartcard reader " -"for card events. In case a Smartcard is inserted the login manager will call " -"a PAM stack which includes a line like <placeholder type=\"programlisting\" " -"id=\"0\"/> In this case SSSD will try to determine the user name based on " -"the content of the Smartcard, returns it to pam_sss which will finally put " -"it on the PAM stack." +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:196 -msgid "<option>prompt_always</option>" +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:200 +#: pam_sss.8.xml:414 msgid "" -"Always prompt the user for credentials. With this option credentials " -"requested by other PAM modules, typically a password, will be ignored and " -"pam_sss will prompt for credentials again. Based on the pre-auth reply by " -"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " -"credentials." +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 -msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for details." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be " @@ -6583,7 +7050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file " "<filename>pam_sss_pw_reset_message.LOC</filename> where LOC stands for a " @@ -6596,7 +7063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory " "<filename>/etc/sssd/customize/DOMAIN_NAME/</filename>. If no matching file " @@ -6992,168 +7459,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be " "matched. All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as " @@ -7161,62 +7641,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in " "dotted-decimal notation, interpret it as string and try to match it against " @@ -7224,17 +7704,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7243,129 +7723,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for " "<ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7375,12 +7855,12 @@ msgid "The available options are: <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7388,7 +7868,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7400,7 +7880,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7409,7 +7889,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7419,12 +7899,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7432,40 +7912,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: " "(ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7473,19 +7953,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: " "(ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7495,17 +7975,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7513,19 +7993,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: " "(|(userPrincipal={subject_principal})(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7533,19 +8013,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: " "(|(userPrincipal={subject_pkinit_principal})(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7553,12 +8033,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7566,19 +8046,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: " "(|(mail={subject_rfc822_name})(uid={subject_rfc822_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7586,114 +8066,114 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7703,12 +8183,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7831,7 +8311,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7846,7 +8326,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7861,12 +8341,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -7887,12 +8367,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -7916,17 +8396,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -7934,7 +8414,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -7944,7 +8424,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -7962,7 +8442,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -7975,12 +8455,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -7999,60 +8479,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8166,26 +8646,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8203,7 +8683,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8337,7 +8817,7 @@ msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8510,7 +8990,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8520,87 +9000,87 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder " +"type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> " +"For more details, see the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8615,7 +9095,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -8623,7 +9103,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8849,25 +9329,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8878,12 +9360,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the " @@ -8892,7 +9374,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or " "forest. This extended filter would consist of: " @@ -8901,7 +9383,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then " "<quote>NAME</quote> specifies the domain or subdomain the filter applies " @@ -8910,14 +9392,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full " @@ -8930,7 +9412,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the " @@ -8939,7 +9421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -8957,24 +9439,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -8983,7 +9465,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -8992,12 +9474,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9007,7 +9489,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9016,16 +9498,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9035,21 +9517,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9059,15 +9541,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9083,22 +9557,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9106,22 +9580,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed " "access. When this option is set to True users will be allowed access only " @@ -9132,12 +9606,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9147,12 +9621,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9160,12 +9634,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9181,14 +9655,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9196,7 +9670,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9208,42 +9682,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9259,7 +9733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9267,7 +9741,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9275,7 +9749,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9287,22 +9761,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9318,7 +9792,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9326,7 +9800,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9334,7 +9808,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9346,22 +9820,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9376,14 +9850,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9391,7 +9865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9403,22 +9877,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9434,14 +9908,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9449,7 +9923,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using " "<quote>+service_name</quote>. Since the default set is empty, it is not " @@ -9460,19 +9934,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9480,7 +9954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9492,29 +9966,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9522,12 +9996,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9540,57 +10014,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9598,17 +10072,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal " "task. The option expects 2 integers separated by a colon (':'). The first " @@ -9618,12 +10092,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +msgid "ad_use_ldaps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9634,19 +10138,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9656,12 +10160,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -9669,7 +10173,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9684,7 +10188,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9693,7 +10197,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9701,7 +10205,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9711,7 +10215,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10758,7 +11262,7 @@ msgstr "" msgid "" "This backend also provides access control based on the .k5login file in the " "home directory of the user. See <citerefentry> " -"<refentrytitle>.k5login</refentrytitle><manvolnum>5</manvolnum> " +"<refentrytitle>k5login</refentrytitle><manvolnum>5</manvolnum> " "</citerefentry> for more details. Please note that an empty .k5login file " "will deny all access to this user. To activate this feature, use " "'access_provider = krb5' in your SSSD configuration." @@ -15610,6 +16114,100 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +msgid "ldap_iphost_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +msgid "Default: ipHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +msgid "ldap_iphost_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +msgid "ldap_iphost_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +msgid "Default: ipHostNumber" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +msgid "ldap_ipnetwork_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +msgid "Default: ipNetwork" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +msgid "ldap_ipnetwork_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +msgid "ldap_ipnetwork_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +msgid "Default: ipNetworkNumber" +msgstr "" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15757,7 +16355,7 @@ msgstr "" #: include/upstream.xml:2 msgid "" "<productname>SSSD</productname> <orgname>The SSSD upstream - " -"https://pagure.io/SSSD/sssd/</orgname>" +"https://github.com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16415,33 +17013,40 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" @@ -16449,7 +17054,7 @@ msgstr "" #: include/experimental.xml:1 msgid "" "<emphasis> This is an experimental feature, please use " -"https://pagure.io/SSSD/sssd/ to report any issues. </emphasis>" +"https://github.com/SSSD/sssd/ to report any issues. </emphasis>" msgstr "" #. type: Content of: <refsect1><title> @@ -16743,7 +17348,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> diff --git a/src/man/po/sv.po b/src/man/po/sv.po index edd640ae9f..4371bd1ca0 100644 --- a/src/man/po/sv.po +++ b/src/man/po/sv.po @@ -2,9 +2,9 @@ # Göran Uddeborg <goeran@uddeborg.se>, 2019. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2019-11-11 02:33+0000\n" "Last-Translator: Göran Uddeborg <goeran@uddeborg.se>\n" "Language-Team: Swedish\n" @@ -343,10 +343,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Standard: true" @@ -367,21 +367,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Standard: false" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -408,8 +409,8 @@ msgstr "" "att efter tre missade hjärtslag kommer processen avsluta sig själv." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Standard: 10" @@ -424,7 +425,7 @@ msgid "The [sssd] section" msgstr "Sektionen [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "Sektionsparametrar" @@ -525,7 +526,7 @@ msgstr "" "understrykningstecken." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "re_expression (sträng)" @@ -550,12 +551,12 @@ msgstr "" "för mer information om dessa reguljära uttryck." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "full_name_format (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -566,32 +567,32 @@ msgstr "" "samman ett fullständigt kvalificerat namn från namn- och domänkomponenter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "domännamn som det anges i SSSD-konfigurationsfilen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -600,7 +601,7 @@ msgstr "" "både direkt konfigurerade eller hittade via IPA-förtroenden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -609,8 +610,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 +#, fuzzy +#| msgid "" +#| "Each domain can have an individual format string configured. see DOMAIN " +#| "SECTIONS for more info on this option." msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" "Varje domän kan ha en egen formatsträng konfigurerad. Får några ID-" @@ -619,10 +624,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 -#, fuzzy -#| msgid "krb5_use_kdcinfo (boolean)" msgid "monitor_resolv_conf (boolean)" -msgstr "krb5_use_kdcinfo (boolean)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 @@ -638,21 +641,11 @@ msgstr "try_inotify (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:338 -#, fuzzy -#| msgid "" -#| "SSSD monitors the state of resolv.conf to identify when it needs to " -#| "update its internal DNS resolver. By default, we will attempt to use " -#| "inotify for this, and will fall back to polling resolv.conf every five " -#| "seconds if inotify cannot be used." msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " "be used." msgstr "" -"SSSD övervakar tillståndet hos resolv.conf för att identifiera när den " -"behöver uppdatera sin interna DNS-uppslagning. Som standard kommer vi " -"försöka använda inotify till detta, och kommer falla tillbaka på att polla " -"resolv.conf var femte sekund om inotify inte kan användas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:344 @@ -770,13 +763,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:420 -#, fuzzy -#| msgid "" -#| "Please note that if this option is set all users from the primary domain " -#| "have to use their fully qualified name, e.g. user@domain.name, to log in. " -#| "Setting this option changes default of use_fully_qualified_names to True. " -#| "It is not allowed to use this option together with " -#| "use_fully_qualified_names set to False." msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -787,16 +773,10 @@ msgid "" "nss_files and therefore their output is not qualified even when the " "default_domain_suffix option is used." msgstr "" -"Observera att om detta alternativ anges måste alla användare från den " -"primära domänen använda sitt fullständigt kvalificerade namn, t.ex. " -"användare@domän.namn, för att logga in. Att ange detta alternativ ändrar " -"standardet på use_fully_qualified_names till True. Det är inte tillåtet att " -"använda detta alternativ tillsammans med use_fully_qualified_names satt " -"till False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -866,10 +846,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:483 -#, fuzzy -#| msgid "no_ocsp" msgid "soft_ocsp" -msgstr "no_ocsp" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:485 sssd.conf.5.xml:585 @@ -919,10 +897,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 5" msgid "Default: sha256" -msgstr "Standard: 5" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -1058,12 +1034,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "Denna manualsida genererades för NSS-versionen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "Denna manualsida genererades för OpenSSL-versionen." @@ -1172,8 +1148,8 @@ msgstr "" "användarnamn kan överlappa mellan domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "Standard: inte satt" @@ -1269,7 +1245,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "Standard: 60" @@ -1344,8 +1320,8 @@ msgstr "" "antingen uttags- eller D-Bus-aktiverade." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "Standard: 300" @@ -1440,7 +1416,7 @@ msgstr "" "(0 avaktiverar denna funktion)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "Standard: 50" @@ -1461,7 +1437,7 @@ msgstr "" "bakänden tillfrågas igen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "Standard: 15" @@ -2064,7 +2040,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "Visa en varning N dagar före lösenordet går ut." @@ -2079,7 +2055,7 @@ msgstr "" "lösenordet. Om denna information saknas kan sssd inte visa någon varning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2097,7 +2073,7 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> för en viss domän." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "Standard: 0" @@ -2173,8 +2149,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "Standard: none" @@ -2251,8 +2227,8 @@ msgstr "" "autentiseringsprocessen är detta alternativ avaktiverat som standard." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Default: False" @@ -2264,25 +2240,29 @@ msgstr "pam_cert_db_path (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" -"Sökvägen till certifikatdatabasen som innehåller PKCS#11-mudulerna för att " -"komma åt smartkortet." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "Standard:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" -msgstr "/etc/pki/nssdb (NSS-version, sökväg till en NSS-databas)" +#: sssd.conf.5.xml:1454 +#, fuzzy +#| msgid "" +#| "The path to the certificate database which contain the PKCS#11 modules to " +#| "access the Smartcard." +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" +msgstr "" +"Sökvägen till certifikatdatabasen som innehåller PKCS#11-mudulerna för att " +"komma åt smartkortet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" @@ -2291,22 +2271,22 @@ msgstr "" "betrodda CA-certifikat i PEM-format)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "Hur många sekunder pam_sss kommer vänta på p11_child att avsluta." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "pam_app_services (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2315,12 +2295,12 @@ msgstr "" "<quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "pam_p11_allowed_services (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." @@ -2329,7 +2309,7 @@ msgstr "" "tillåtet att använda smarta kort." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2339,7 +2319,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2359,63 +2339,63 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "Standard: standarduppsättningen av PAM-tjänstenamn innefattar:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "gnome-screensaver" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "p11_wait_for_card_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2425,12 +2405,12 @@ msgstr "" "p11_child_timeout PAM-respondenten skall vänta på att ett smartkort sätts in." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "p11_uri (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2447,17 +2427,20 @@ msgstr "" "användas för att säga till p11_child att använda en specifik läsare." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 -#, no-wrap +#: sssd.conf.5.xml:1604 +#, fuzzy, no-wrap +#| msgid "" +#| "p11_uri = slot-description=My%20Smartcar%20Reader\n" +#| " " msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" "p11_uri = slot-description=Min%20smartkortläsare\n" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2467,7 +2450,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2479,13 +2462,69 @@ msgstr "" "felsökningsutdata från p11_child. Som ett alternativ kommer GnuTLS-" "verktyget ”p11tool” med t.ex. ”--list-all” visa även PKCS#11 URI:er." +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: none" +msgid "Default: no_session" +msgstr "Standard: none" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "SUDO-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2503,12 +2542,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "sudo_timed (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2517,12 +2556,12 @@ msgstr "" "tidsberoende sudoers-poster skall evalueras eller inte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "sudo_threshold (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2537,22 +2576,22 @@ msgstr "" "gränsvärde gäller även IPA-sudo-kommandon och kommandugruppsökningar." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "AUTOFS-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "Dessa alternativ kan användas för att konfigurera tjänsten autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2563,22 +2602,22 @@ msgstr "" "finns) innan bakänden tillfrågas igen." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "SSH-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "Dessa alternativ kan användas för att konfigurera tjänsten SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2587,12 +2626,12 @@ msgstr "" "till kontrollsummor eller inte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2601,17 +2640,17 @@ msgstr "" "att dess värdnycklar begärdes" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "Standard: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "ssh_use_certificate_keys (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2625,14 +2664,12 @@ msgstr "" "manvolnum> </citerefentry> för detaljer." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 -#, fuzzy -#| msgid "ldap_user_certificate (string)" +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" -msgstr "ldap_user_certificate (sträng)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2642,26 +2679,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -#, fuzzy -#| msgid "Default: not set (spaces will not be replaced)" -msgid "Default: not set, all found rules are used" -msgstr "Default: not set (blanka kommer inte ersättas)" +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 +msgid "" +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "ca_db (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -2669,13 +2723,18 @@ msgstr "" "Sökväg till lagring av betrodda CA-certifikat. Alternativet används för att " "validera användarcertifikat före publika ssh-nycklar härleds från dem." +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "/etc/pki/nssdb (NSS-version, sökväg till en NSS-databas)" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "PAC-respondentskonfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2693,7 +2752,7 @@ msgstr "" "beräknad kommer några av följande operationer att göras:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2709,7 +2768,7 @@ msgstr "" "kan skrivas över med parametern default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2718,17 +2777,17 @@ msgstr "" "användaren läggas till i dessa grupper." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "Dessa alternativ kan användas för att konfigurera PAC-respondenten." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2739,12 +2798,12 @@ msgstr "" "uppstart." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "Standard: 0 (endast root-användaren tillåts komma åt PAC-respondenten)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2757,12 +2816,12 @@ msgstr "" "0 i listan av tillåtna UID:er." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -2771,12 +2830,12 @@ msgstr "" "datan användas för att avgöra gruppmedlemskap för en användare." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "Konfigurationsalternatvi för inspelning av sessioner" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2792,33 +2851,33 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" "Dessa alternativ kan användas för att konfigurera inspelning av sessioner." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "scope (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "”none”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "Inga användare spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "”some”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." @@ -2827,17 +2886,17 @@ msgstr "" "och <replaceable>groups</replaceable> spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "”all”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Alla användare spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -2846,17 +2905,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "Standard: ”none”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "users (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2867,17 +2926,17 @@ msgstr "" "efter eventuellt utbyte av mellanslag, ändring av skiftläge, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "Default: Tomt. Matchar inte några användare." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "groups (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2888,7 +2947,7 @@ msgstr "" "efter eventuellt utbyte av mellanslag, ändring av skiftläge, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2899,22 +2958,22 @@ msgstr "" "användare måste hämtas och matchas mot grupperna användaren är en medlem i." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "Standard: Tom. Matchar inga grupper." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "DOMÄNSEKTIONER" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "domain_type (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2927,7 +2986,7 @@ msgstr "" "operativsystemets gränssnitt och verktyg." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -2936,7 +2995,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2949,7 +3008,7 @@ msgstr "" "respondenten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -2958,7 +3017,7 @@ msgstr "" "<quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -2967,17 +3026,17 @@ msgstr "" "<quote>Programdomäner</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "Standard: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2986,7 +3045,7 @@ msgstr "" "utanför dessa gränser ignoreras den." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2999,7 +3058,7 @@ msgstr "" "ligger i intervallet rapporteras som förväntat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -3008,17 +3067,17 @@ msgstr "" "när de returneras via namn eller ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Standard: 1 för min_id, 0 (ingen gräns) för max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3031,22 +3090,22 @@ msgstr "" "Denna parameter kan ha ett av följande värden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Användare och grupper räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Inga uppräkningar för denna domän" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "Standard: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." @@ -3055,7 +3114,7 @@ msgstr "" "grupposter från fjärrservern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3078,7 +3137,7 @@ msgstr "" "med startas om av den interna vakthunden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3087,7 +3146,7 @@ msgstr "" "användar- eller grupplistan returnera utan resultat tills den är färdig." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3100,7 +3159,7 @@ msgstr "" "information, se manualsidorna för den specifika id-leverantören som används." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -3109,32 +3168,32 @@ msgstr "" "stora miljöer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "Alla upptäckta betrodda domäner kommer räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "Inga upptäckta betrodda domäner kommer räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3147,12 +3206,12 @@ msgstr "" "bara för dessa betrodda domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -3161,7 +3220,7 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3178,17 +3237,17 @@ msgstr "" "redan har cachats." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "Standard: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -3197,19 +3256,19 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "Standard: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -3218,12 +3277,12 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -3232,12 +3291,12 @@ msgstr "" "frågar bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -3246,12 +3305,32 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "entry_cache_user_timeout (heltal)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider user entries valid before asking " +#| "the backend again" +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" +"Hur många sekunder nss_sss skall anse användarposter giltiga före den frågar " +"bakänden igen" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -3260,12 +3339,12 @@ msgstr "" "igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -3274,12 +3353,12 @@ msgstr "" "giltiga före den frågar bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -3288,12 +3367,32 @@ msgstr "" "hur länge värdnyckeln skall cachas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "entry_cache_user_timeout (heltal)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider entries valid before asking the " +#| "backend again" +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" +"Hur många sekunder nss_sss skall anse poster giltiga före den frågar " +"bakänden igen" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -3302,7 +3401,7 @@ msgstr "" "i bakgrunden som kommer uppdatera alla utgångna eller nästan utgångna poster." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3311,47 +3410,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 -#, fuzzy -#| msgid "" -#| "This option specifies the maximum allowed number of nested containers." +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" -"Detta alternativ specificerar det maximala antalet tillåtna nästlade " -"behållare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "Du kan överväga att sätta detta värde till ¾ · entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Standard: 0 (avaktiverat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "Bestämmer om användarkreditiv också cachas i den lokala LDB-cachen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "Användarkreditiv sparas i en SHA512-kontrollsumma, inte i klartext" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3362,7 +3468,7 @@ msgstr "" "lösenord) måste ha för att sparas som en SHA512-kontrollsumma i cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -3372,17 +3478,17 @@ msgstr "" "attacker." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "Standard: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3395,17 +3501,17 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "Standard: 0 (obegränsat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3417,17 +3523,17 @@ msgstr "" "Dessutom måste en autentiseringsleverantör ha konfigurerats för bakänden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Standard: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "id_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3435,12 +3541,12 @@ msgstr "" "stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "<quote>proxy</quote>: Stöd en tidigare NSS-leverantör." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" @@ -3448,7 +3554,7 @@ msgstr "" "(FÖRÅLDRAT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3459,7 +3565,7 @@ msgstr "" "information om hur lokala användare och grupper kan speglas in i SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3470,8 +3576,8 @@ msgstr "" "information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3484,8 +3590,8 @@ msgstr "" "konfigurera FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3496,12 +3602,12 @@ msgstr "" "citerefentry> för mer information om att konfigurera Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3510,7 +3616,7 @@ msgstr "" "full_name_format) som användarens inloggningsnamn rapporterat till NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3524,7 +3630,7 @@ msgstr "" "command> skulle det." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3536,22 +3642,26 @@ msgstr "" "namn begärs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +#, fuzzy +#| msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "Standard: FALSE (TRUE om default_domain_suffix används)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "Returnera inte gruppmedlemmar för gruppuppslagningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3570,7 +3680,7 @@ msgstr "" "som om den vore tom." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3581,12 +3691,12 @@ msgstr "" "innehåller många medlemmar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "auth_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3595,7 +3705,7 @@ msgstr "" "är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3606,7 +3716,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3617,7 +3727,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3625,17 +3735,17 @@ msgstr "" "PAM-mål." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: SSSD:s interna leverantör för lokala användare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> avaktiverar explicit autentisering." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3644,12 +3754,12 @@ msgstr "" "autentiseringsbegäranden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "access_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3660,7 +3770,7 @@ msgstr "" "Interna specialleverantörer är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3669,12 +3779,12 @@ msgstr "" "åtkomstleverantören för en lokal domän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> neka alltid åtkomst." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3687,7 +3797,7 @@ msgstr "" "konfigurera åtkomstmodulen simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3698,24 +3808,24 @@ msgstr "" "citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> för att skicka vidare åtkomstkontroll till någon annam " "PAM-modul." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "Standard: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "chpass_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3724,7 +3834,7 @@ msgstr "" "av lösenordsändring som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3735,7 +3845,7 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3746,7 +3856,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3754,12 +3864,12 @@ msgstr "" "annat PAM-mål." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> tillåter uttryckligen inte lösenordsändringar.." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3768,18 +3878,18 @@ msgstr "" "hantera begäranden om ändring av lösenord." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "sudo_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "SUDO-leverantören som används för domänen. SUDO-leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3790,7 +3900,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3799,7 +3909,7 @@ msgstr "" "standandardsinställningar för IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3808,18 +3918,18 @@ msgstr "" "standandardsinställningar för AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> avaktiverar explicit SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "Standard: värdet på <quote>id_provider</quote> används om det är satt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3836,7 +3946,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3849,12 +3959,12 @@ msgstr "" "relaterad aktivitet i SSSD om du inte vill använda sudo med SSSD alls." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "selinux_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3865,7 +3975,7 @@ msgstr "" "åtkomstleverantören avslutar. Selinux-leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3877,14 +3987,14 @@ msgstr "" "konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> tillåter uttryckligen inte att hämta selinux-" "inställningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3893,12 +4003,12 @@ msgstr "" "begäranden om inläsning av selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "subdomains_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3907,7 +4017,7 @@ msgstr "" "alltid vara samma som id_provider. Underdomänleverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3919,7 +4029,7 @@ msgstr "" "konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3932,17 +4042,17 @@ msgstr "" "konfigurera AD-leverantören." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> tillåter uttryckligen inte att hämta underdomäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "session_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3954,14 +4064,14 @@ msgstr "" "med IPA. Sessionsleverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" "<quote>ipa</quote> för att utföra uppgifter relaterade till " "användarsessioner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" @@ -3969,7 +4079,7 @@ msgstr "" "användarsessioner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." @@ -3978,7 +4088,7 @@ msgstr "" "sessionsrelaterade uppgifter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." @@ -3988,12 +4098,12 @@ msgstr "" "användaren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "autofs_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -4001,7 +4111,7 @@ msgstr "" "är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4012,7 +4122,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4023,7 +4133,7 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4035,17 +4145,17 @@ msgstr "" "leverantören." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> avaktiverar explicit autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "hostid_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -4054,7 +4164,7 @@ msgstr "" "leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4065,12 +4175,80 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> avaktiverar explicit värd-id:n." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "sudo_provider (string)" +msgid "resolver_provider (string)" +msgstr "sudo_provider (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +#, fuzzy +#| msgid "" +#| "The provider which should handle change password operations for the " +#| "domain. Supported change password providers are:" +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" +"Leverantören som skall hantera lösenordsändringar för domänen. Leverantörer " +"av lösenordsändring som stödjs är:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" +"<quote>ldap</quote> för att läsa mappar lagrade i LDAP. Se <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för mer information om att konfigurera LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +#, fuzzy +#| msgid "" +#| "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " +#| "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring the AD provider." +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" +"<quote>ad</quote> för att läsa mappar lagrade i en AD-server. Se " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> för mer information om att konfigurera AD-" +"leverantören." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +#, fuzzy +#| msgid "<quote>none</quote> disallows fetching subdomains explicitly." +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "<quote>none</quote> tillåter uttryckligen inte att hämta underdomäner." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4085,7 +4263,7 @@ msgstr "" "(NetBIOS) namnet på domänen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -4098,22 +4276,22 @@ msgstr "" "användarnamn:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "användarnamn@domän.namn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "domån\\användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -4122,7 +4300,7 @@ msgstr "" "tredje för att tillåta enkel integration av användare från Windows-domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -4133,7 +4311,7 @@ msgstr "" "quote>, sedan är domänen allting efter det”" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -4148,17 +4326,17 @@ msgstr "" "P<name>.+)@(?P<domain>[^@]+$))</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Standard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "lookup_family_order (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -4167,42 +4345,42 @@ msgstr "" "uppslagningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "Värden som stödjs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Försök slå up IPv4-adresser, om det misslyckas, prova IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Försök endast slå upp värdnamn som IPv4-adresser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Försök slå up IPv6-adresser, om det misslyckas, prova IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Försök endast slå upp värdnamn som IPv6-adresser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "Standard: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4214,7 +4392,7 @@ msgstr "" "nås kommer domänen fortsätta att fungera i frånkopplat läge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." @@ -4222,18 +4400,18 @@ msgstr "" "Se avsnittet <quote>RESERVER</quote> för mer information om tjänstevalet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Standard: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -4242,52 +4420,52 @@ msgstr "" "fråga om tjänsteupptäckt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "Standard: använd domändelen av maskinens värdnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "override_gid (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "Ersätt det primära GID-värdet med det angivna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "case_sensitive (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "Skiftlägeskänsligt. Detta värde är inte giltigt för AD-leverantörer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "Skiftlägesokänsligt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4298,7 +4476,7 @@ msgstr "" "tjänster även protokollnamn) fortfarande skiftas ner i utdata." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -4311,17 +4489,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "Standard: True (False för AD-leverantören)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4332,27 +4510,27 @@ msgstr "" "följande alternativ ärvas:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -4361,7 +4539,7 @@ msgstr "" "ldap_krb5_keytab sätts särskilt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4371,33 +4549,33 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exempel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" "Observera: detta alternativ fungerar endast med leverantörerna IPA och AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "platt (NetBIOS) namn på en underdomän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4412,36 +4590,36 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "Värdet kan åsidosättas av alternativet <emphasis>override_homedir</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Standard: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "realmd_tags (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" "Diverse taggar lagrade av ralmd-konfigurationstjänsten för denna domän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4454,7 +4632,7 @@ msgstr "" "uppkopplad autentisering." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." @@ -4463,12 +4641,12 @@ msgstr "" "det inte möjligt att ange olika värden för varje betrodd domän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "Specialvärdet 0 betyder att denna funktion är avaktiverad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4479,17 +4657,17 @@ msgstr "" "<quote>initgroups.</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "auto_private_groups (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "true" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." @@ -4498,7 +4676,7 @@ msgstr "" "GID-numret ignoreras i detta läge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4511,12 +4689,12 @@ msgstr "" "framtvingar unika nummer över hela ID-rymden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "false" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." @@ -4525,19 +4703,12 @@ msgstr "" "till ett gruppobjekt i LDAP-databasen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "hybrid" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 -#, fuzzy -#| msgid "" -#| "A primary group is autogenerated for user entries whose UID and GID " -#| "numbers have the same value and at the same time the GID number does not " -#| "correspond to a real group object in LDAP If the values are the same, but " -#| "the primary GID in the user entry is also used by a group object, the " -#| "primary GID of the user resolves to that group object." +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4545,14 +4716,9 @@ msgid "" "GID in the user entry is also used by a group object, the primary GID of the " "user resolves to that group object." msgstr "" -"En primär grupp autogenereras för användarposter vars UID- och GID-nummer " -"har samma värde och GID-numret på samma gång inte motsvarar ett verkligt " -"gruppobjekt i LDAP. Om värdena är samma, men det primära GID:t i " -"användarposten även används av ett gruppobjekt slås användarens primära GID " -"upp till det gruppobjektet. " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." @@ -4561,7 +4727,7 @@ msgstr "" "kan GID:t helt enkelt inte slås upp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4572,7 +4738,7 @@ msgstr "" "befintliga användarnas privata grupper." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" @@ -4581,7 +4747,7 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." @@ -4591,7 +4757,7 @@ msgstr "" "översättning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4601,7 +4767,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4613,7 +4779,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4627,7 +4793,7 @@ msgstr "" "\"1\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4638,17 +4804,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "Proxymålet PAM är en proxy för." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4657,12 +4823,12 @@ msgstr "" "eller skapa en ny och lägga till tjänstenamnet här." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4673,12 +4839,35 @@ msgstr "" "exempel _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +#, fuzzy +#| msgid "proxy_lib_name (string)" +msgid "proxy_resolver_lib_name (string)" +msgstr "proxy_lib_name (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +#, fuzzy +#| msgid "" +#| "The name of the NSS library to use in proxy domains. The NSS functions " +#| "searched for in the library are in the form of _nss_$(libName)_" +#| "$(function), for example _nss_files_getpwent." +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" +"Namnet på NSS-biblioteket att använda i proxy-dämenter. NSS-funktioner som " +"letas efter i biblioteket har formen _nss_$(libName)_$(function), till " +"exempel _nss_files_getpwent." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4691,12 +4880,12 @@ msgstr "" "få SSSD att utföra ID-uppslagningen från cachen av prestandaskäl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4708,7 +4897,7 @@ msgstr "" "begäranden skulle köas upp." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4717,12 +4906,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "Programdomäner" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4751,7 +4940,7 @@ msgstr "" "traditionell SSSD-domän." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4762,17 +4951,17 @@ msgstr "" "programdomänen och dess POSIX-syskondomän sätts korrekt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "Programdomänparametrar" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "inherit_from (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4785,7 +4974,7 @@ msgstr "" "quote>domänens inställningar." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4800,7 +4989,7 @@ msgstr "" "attributet telefon nåbart via D-Bus-gränssnittet." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -4834,12 +5023,12 @@ msgstr "" "ldap_user_extra_attrs = telefon:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "Den lokala domänsektionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4850,29 +5039,29 @@ msgstr "" "<replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "default_shell (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "Standardskalet för användare som skapas med SSSD:s verktyg för " "användarrymden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "Standard: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "base_directory (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4881,17 +5070,17 @@ msgstr "" "replaceable> och använder det som hemkatalogen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "Standard: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4900,17 +5089,17 @@ msgstr "" "åsidosättas på kommandoraden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "Standard: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4919,12 +5108,12 @@ msgstr "" "användare. Kan åsidosättas på kommandoraden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "homedir_umask (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4935,17 +5124,17 @@ msgstr "" "på en nyskapad hemkatalog." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "Standard: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "skel_dir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4958,17 +5147,17 @@ msgstr "" "citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "Standard: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "mail_dir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4979,17 +5168,17 @@ msgstr "" "ett standardvärde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "Standard: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "userdel_cmd (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -5000,17 +5189,17 @@ msgstr "" "Ingen hänsyn tas till returkoden från kommandot." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "Standard: Inget, inget kommando körs" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "SEKTIONEN BETRODDA DOMÄNER" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5027,57 +5216,57 @@ msgstr "" "alternativ i sektionen för betrodda domäner är:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "ldap_sasl_mech," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -5086,12 +5275,12 @@ msgstr "" "manualsidan." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "CERTIFIKATSMAPPNINGSSEKTION" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5113,7 +5302,7 @@ msgstr "" "när lokala tjänster använder PAM för autentisering." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5125,7 +5314,7 @@ msgstr "" "detaljer)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5138,12 +5327,12 @@ msgstr "" "replaceable>]</quote>. I denna sektion är följande alternativ tillåtna:" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "matchrule (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." @@ -5152,7 +5341,7 @@ msgstr "" "alla andra ignoreras." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" @@ -5161,17 +5350,17 @@ msgstr "" "Extended Key Usage <quote>clientAuth</quote>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "maprule (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "Definierar hur användaren hittas för ett givet certifikat." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." @@ -5180,7 +5369,7 @@ msgstr "" "<quote>ldap</quote>, <quote>AD</quote> eller <quote>ipa</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." @@ -5189,12 +5378,12 @@ msgstr "" "användare med samma namn." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "domains (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5207,17 +5396,17 @@ msgstr "" "lägga till regeln till underdomäner också." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "Standard: den konfigurerade domänen i sssd.conf" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "priority (heltal)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5228,12 +5417,12 @@ msgstr "" "prioriteten medans <quote>4294967295</quote> är den lägsta." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "Standard: den lägsta prioriteten" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" @@ -5243,7 +5432,7 @@ msgstr "" "speciella egenskaper:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" @@ -5252,7 +5441,7 @@ msgstr "" "användaren" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5265,17 +5454,17 @@ msgstr "" "short_name})</quote>" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "alternativet <quote>domains</quote> ignoreras" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "SEKTIONEN FÖR FRÅGEKONFIGURATION" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5290,41 +5479,31 @@ msgstr "" "tillämpliga kreditiv." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 -#, fuzzy -#| msgid "" -#| "With the growing number of authentication methods and the possibility " -#| "that there are multiple ones for a single user the heuristic used by " -#| "pam_sss to select the prompting might not be suitable for all use cases. " -#| "To following options should provide a better flexibility here." +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " "select the prompting might not be suitable for all use cases. The following " "options should provide a better flexibility here." msgstr "" -"Med det växande antalet autentiseringsmetoder och möjligheten att det finns " -"flera olika för en enskild användare kan det hända att heurestiken som " -"används av pam_sss för att välja fråga inte är lämplig för alla " -"användarfall. Följande alternativ bör ge en bättre flexibilitet här." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "[prompting/password]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "password_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "för att ändra strängen i lösenordsfrågan" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" @@ -5333,53 +5512,45 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "[prompting/2fa]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "first_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "för att ändra strängen som frågar efter den första faktorn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "second_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "för att ändra strängen som frågar efter den andra faktorn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "single_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 -#, fuzzy -#| msgid "" -#| "boolean value, if True there will be only a single prompt using the value " -#| "of first_prompt where it is expected that both factor are entered as a " -#| "single string" +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " "string" msgstr "" -"booleskt värde, om True kommer det bara vara en fråga som använder värdet på " -"first_prompt där det förväntas att båda faktorerna matas in som en enda " -"sträng" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -5388,46 +5559,28 @@ msgstr "" "alternativen: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 -#, fuzzy -#| msgid "" -#| "Each supported authentication method has it's own configuration sub-" -#| "section under <quote>[prompting/...]</quote>. Currently there are: " -#| "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#| "\"variablelist\" id=\"1\"/>" +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" "\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/>" msgstr "" -"Varje autentiseringsmetod som stödjs har sin ege konfigurationsundersektion " -"under <quote>[prompting/…]</quote>. För närvarande finns det: <placeholder " -"type=\"variablelist\" id=\"0\"/> <placeholder type=\"variablelist\" id=\"1\"/" -">" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 -#, fuzzy -#| msgid "" -#| "It is possible to add a sub-section for specific PAM services like e.g. " -#| "<quote>[prompting/password/sshd]</quote> to individual change the " -#| "prompting for this service." +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " "for this service." msgstr "" -"Det är möjligt att lägga till en undersektion för specifika PAM-tjänster som " -"t.ex. <quote>[prompting/password/sshd]</quote> för att ändra frågorna " -"enskild för denna tjänst." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "EXEMPEL" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -5481,7 +5634,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5493,7 +5646,7 @@ msgstr "" "domäner för fler detaljer. <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5503,7 +5656,7 @@ msgstr "" "use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5519,7 +5672,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5541,7 +5694,7 @@ msgstr "" "matchrule = <ISSUER>^CN=My-CA,DC=MIN,DC=DOMÄN$<SUBJECT>^CN=User.Name,DC=MIN,DC=DOMÄN$\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -5728,7 +5881,7 @@ msgstr "" "ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "Exempel:" @@ -5926,27 +6079,40 @@ msgstr "obfuscated_password" msgid "Default: password" msgstr "Standard: password" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" +"Se manualsidan <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> för mer information " +"om lokaliseringsinsticksmodulen." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" -"Autentiseringstecknet hos standardbindnings-DN. Endast lösenord i klartext " -"stödjs för närvarande." +#: sssd-ldap.5.xml:296 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The authentication token of the default bind DN." +msgstr "Typen på autentiseringstecknet hos standardbindnings-DN." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5959,12 +6125,12 @@ msgstr "" "rike i versaler." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5973,12 +6139,12 @@ msgstr "" "uppräknade poster." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5989,7 +6155,7 @@ msgstr "" "att spara utrymme." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -6002,12 +6168,12 @@ msgstr "" "Som standard kör rensningsjobbet var 3:e timma när uppräkning är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6018,7 +6184,7 @@ msgstr "" "kommer följa. Detta alternativ har ingen effekt på schemat RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6034,7 +6200,7 @@ msgstr "" "ursprungliga uppslagningen om den slås upp igen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6049,12 +6215,12 @@ msgstr "" "false för att begränsa gruppnästning." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "Standard: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -6064,22 +6230,22 @@ msgstr "" "2008 och senare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "Standard: true för AD och IPA annars false." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "ldap_host_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "Frivillig. Använd den givna strängen som en sökbas för värdobjekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -6089,22 +6255,36 @@ msgstr "" "multipla sökbaser." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Standard: värdet på <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +#, fuzzy +#| msgid "ldap_host_search_base (string)" +msgid "ldap_iphost_search_base (string)" +msgstr "ldap_host_search_base (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +#, fuzzy +#| msgid "ldap_netgroup_search_base (string)" +msgid "ldap_ipnetwork_search_base (string)" +msgstr "ldap_netgroup_search_base (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6114,7 +6294,7 @@ msgstr "" "och cachade resultat returneras (och går in i frånkopplat läge)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6125,12 +6305,12 @@ msgstr "" "för specifika uppslagningstyper." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6141,12 +6321,12 @@ msgstr "" "returneras (och går in i frånkopplat läge)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6163,12 +6343,12 @@ msgstr "" "citerefentry> returnerar om inget händer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6182,12 +6362,12 @@ msgstr "" "operationen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6200,17 +6380,38 @@ msgstr "" "(detta värde eller TGT-livslängden) användas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "Standard: 900 (15 minuter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "ldap_connection_expire_timeout (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "ldap_connection_expire_timeout (heltal)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6219,17 +6420,17 @@ msgstr "" "LDAP-servrar framtvingar en maximal gräns per begäran." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "Standard: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6240,7 +6441,7 @@ msgstr "" "RootDSE men det inte är aktiverat eller inte fungerar som det skall." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6250,7 +6451,7 @@ msgstr "" "den." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6261,17 +6462,17 @@ msgstr "" "att några begäranden nekas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "Avaktivera Active Directory intervallhämtning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6287,12 +6488,12 @@ msgstr "" "medlemmar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6302,18 +6503,41 @@ msgstr "" "säkerhetsnivån som är nödvändig för att etablera förbindelsen. Värdet på " "detta alternativ är definierat av OpenLDAP." -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 -msgid "Default: Use the system default (usually specified by ldap.conf)" -msgstr "Standard: använd systemstandard (vanligen angivet i ldap.conf)" - +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 +msgid "Default: Use the system default (usually specified by ldap.conf)" +msgstr "Standard: använd systemstandard (vanligen angivet i ldap.conf)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:633 +#, fuzzy +#| msgid "ldap_sasl_minssf (integer)" +msgid "ldap_sasl_maxssf (integer)" +msgstr "ldap_sasl_minssf (heltal)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +#, fuzzy +#| msgid "" +#| "When communicating with an LDAP server using SASL, specify the minimum " +#| "security level necessary to establish the connection. The values of this " +#| "option are defined by OpenLDAP." +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" +"Vid kommunikation med en LDAP-server med SASL, ange den minsta " +"säkerhetsnivån som är nödvändig för att etablera förbindelsen. Värdet på " +"detta alternativ är definierat av OpenLDAP." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6324,7 +6548,7 @@ msgstr "" "individuellt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6341,7 +6565,7 @@ msgstr "" "rootDSE-objektet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6354,7 +6578,7 @@ msgstr "" "OpenLDAP och Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6365,12 +6589,12 @@ msgstr "" "oavsett denna inställning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6379,7 +6603,7 @@ msgstr "" "några. Det kan anges som ett av följande värden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6388,7 +6612,7 @@ msgstr "" "några servercertifikat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6399,7 +6623,7 @@ msgstr "" "tillhandahålls kommer det ignoreras och sessionen fortsätta normalt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6410,7 +6634,7 @@ msgstr "" "tillhandahålls avslutas sessionen omedelbart." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6421,22 +6645,22 @@ msgstr "" "avslutas sessionen omedelbart." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Samma som <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "Standard: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6445,7 +6669,7 @@ msgstr "" "<command>sssd</command> kommer godkänna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6454,12 +6678,12 @@ msgstr "" "openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6473,32 +6697,32 @@ msgstr "" "namnen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Anger filen som innehåller certifikatet för klientens nyckel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "Anger filen som innehåller klientens nyckel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6509,12 +6733,12 @@ msgstr "" "manvolnum></citerefentry> för formatet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6523,12 +6747,12 @@ msgstr "" "\"protocol\">tls</systemitem> för att skydda kanalen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6539,18 +6763,18 @@ msgstr "" "förlita sig på ldap_user_uid_number och ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "För närvarande stödjer denna funktion endast Active Direcotory objectSID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "ldap_min_id, ldap_max_id (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6568,17 +6792,17 @@ msgstr "" "Underdomäner kan sedan välja andra intervall för att översätta ID:n." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "Standard: inte satt (båda alternativen är satta till 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." @@ -6587,7 +6811,7 @@ msgstr "" "GSSAPI och GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6603,12 +6827,12 @@ msgstr "" "conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry> för detaljer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -6628,7 +6852,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6648,17 +6872,17 @@ msgstr "" "keytab." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "Standard: host/värdnamn@RIKE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6669,17 +6893,17 @@ msgstr "" "ignoreras detta alternativ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "Standard: värdet på krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6688,34 +6912,34 @@ msgstr "" "att ta fram värdnamnets kanoniska form under en SASL-bindning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "Standard: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" "Ange den keytab som skall användas vid användning av SASL/GSSAPI/GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Standard: Systemets keytab, normalt <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6726,29 +6950,29 @@ msgstr "" "eller GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" "Anger livslängden i sekunder på TGT:n om GSSAPI eller GSS-SPNEGO används." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "Standard: 86400 (24 timmar)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6766,7 +6990,7 @@ msgstr "" "mer information, se avsnittet <quote>TJÄNSTEUPPTÄCKT</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6777,7 +7001,7 @@ msgstr "" "hittas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6789,27 +7013,27 @@ msgstr "" "<quote>krb5_server</quote> istället." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "Ange Kerberos-RIKE (för SASL/GSSAPI/GSS-SPNEGO aut)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "Standard: Systemstandard, se <filename>/etc/krb5.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6818,12 +7042,12 @@ msgstr "" "servern. Denna funktion är tillgänglig med MIT Kerberos ≥ 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6838,7 +7062,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6849,12 +7073,12 @@ msgstr "" "om lokaliseringsinsticksmodulen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6863,7 +7087,7 @@ msgstr "" "värden är tillåtna:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6872,7 +7096,7 @@ msgstr "" "alternativ kan inte avaktivera lösenordspolicyer på serversidan." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6883,7 +7107,7 @@ msgstr "" "manvolnum></citerefentry> för att utvärdera om lösenordet har gått ut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6894,7 +7118,7 @@ msgstr "" "chpass_provider=krb5 för att uppdatera dessa attribut när läsenordet ändras." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -6903,17 +7127,17 @@ msgstr "" "kommer den alltid gå före framför policyn som sätts med detta alternativ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Anger huruvida automatisk uppföljning av referenser skall aktiveras." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6922,7 +7146,7 @@ msgstr "" "kompilerad med OpenLDAP version 2.4.13 eller senare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6935,28 +7159,28 @@ msgstr "" "alternativ till falskt medföra en märkbar prestandaförbättring." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Anger tjänstenamnet som skall användas när tjänsteupptäckt är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "Standard: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6965,17 +7189,17 @@ msgstr "" "lösenordsändringar när tjänsteupptäckte är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Standard: inte satt, d.v.s. tjänsteupptäckt är avaktiverat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -6984,12 +7208,12 @@ msgstr "" "dagar sedan epoken efter en ändring av lösenord." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7017,12 +7241,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "Exempel:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7034,7 +7258,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7043,7 +7267,7 @@ msgstr "" "användare vars attribut employeeType är satt till ”admin”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7056,17 +7280,17 @@ msgstr "" "fortsätta ges åtkomst under frånkoppling, och vice versa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "Standard: Empty" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7075,7 +7299,7 @@ msgstr "" "åtkomststyrningsattribut aktiveras." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7086,12 +7310,12 @@ msgstr "" "felkod även om lösenordet är korrekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "Följande värden är tillåtna:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7100,7 +7324,7 @@ msgstr "" "att avgöra om kontot har gått ut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7113,7 +7337,7 @@ msgstr "" "kontot kontrolleras också." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7124,7 +7348,7 @@ msgstr "" "tillåts eller inte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7137,7 +7361,7 @@ msgstr "" "åtkomst." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7148,23 +7372,23 @@ msgstr "" "ldap_account_expire_policy skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "ldap_access_order (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Kommaseparerad lista över åtkomststyrningsalternativ. Tillåtna värden är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: använd ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7179,7 +7403,7 @@ msgstr "" "fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" @@ -7189,7 +7413,7 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7210,12 +7434,12 @@ msgstr "" "måste vara satt för att denna funktion skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: använd ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7230,7 +7454,7 @@ msgstr "" "exempel SSH-nycklar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7244,7 +7468,7 @@ msgstr "" "pwd_expire_policy_renew – användaren ombeds ändra sitt lösenord omedelbart." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" @@ -7252,7 +7476,7 @@ msgstr "" "meddelande av SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." @@ -7262,7 +7486,7 @@ msgstr "" "lämplig lösenordspolicy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7271,13 +7495,13 @@ msgstr "" "för att avgöra åtkomst" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: använd attributet host för att avgöra åtkomst" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" @@ -7286,7 +7510,7 @@ msgstr "" "fjärrvärdar kan få åtkomst" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" @@ -7296,12 +7520,12 @@ msgstr "" "åtkomstkontroll aktiveras" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "Standard: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7310,12 +7534,12 @@ msgstr "" "gång." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7328,22 +7552,22 @@ msgstr "" "LDAP-servern inte kan kontrolleras ordentligt. " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exempel: cn=ppolicy,ou=policies,dc=exempel,dc=se" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Standard: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "ldap_deref (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7352,12 +7576,12 @@ msgstr "" "alternativ är tillåtna:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: Alias är aldrig derefererade." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7366,7 +7590,7 @@ msgstr "" "basobjektet, men inte vid lokalisering basobjektet för sökningen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7375,7 +7599,7 @@ msgstr "" "basobjektet för sökningen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7384,7 +7608,7 @@ msgstr "" "lokalisering av basobjektet för sökningen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7393,12 +7617,12 @@ msgstr "" "klientbiblioteken)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7407,7 +7631,7 @@ msgstr "" "servrar som använder schemat RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7424,7 +7648,7 @@ msgstr "" "via anrop av getpw*() eller initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7435,12 +7659,12 @@ msgstr "" "de lokala användarna med de extra LDAP-grupperna." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "wildcard_limit (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." @@ -7449,25 +7673,18 @@ msgstr "" "jokertecken." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" "För närvarande stödjer endast respondenten InfoPipe jockeruppslagningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "Standard: 1000 (ofta storleken på en sida)" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 -#, fuzzy -#| msgid "" -#| "All of the common configuration options that apply to SSSD domains also " -#| "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " -#| "<placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "All of the common configuration options that apply to SSSD domains also " "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " @@ -7477,19 +7694,14 @@ msgid "" "<refentrytitle>sssd-ldap-attributes</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> manual page. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Alla de vanliga konfigurationsalternativen som gäller SSSD-domäner gäller " -"även LDAP-domäner. Se avsnittet <quote>DOMÄNSEKTIONER</quote> av " -"manualsidan <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> för fullständiga detaljer. " -"<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "SUDOALTERNATIV" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7500,12 +7712,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7515,7 +7727,7 @@ msgstr "" "servern)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7524,17 +7736,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "Standard: 21600 (6 timmar)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7545,7 +7757,7 @@ msgstr "" "USN-värde som för närvarande är känt av SSSD)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7554,7 +7766,7 @@ msgstr "" "istället." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7570,12 +7782,12 @@ msgstr "" "<emphasis>ldap_connection_expire_timeout</emphasis>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7584,12 +7796,12 @@ msgstr "" "(genom användning av IPv4- och IPv6-värd-/-nätverksadresser och värdnamn)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7598,7 +7810,7 @@ msgstr "" "domännamn som skall användas för att filtrera reglerna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7607,8 +7819,8 @@ msgstr "" "fullständigt kvalificerade domännamnet automatiskt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7617,17 +7829,17 @@ msgstr "" "emphasis> har detta alternativ ingen effekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "Standard: inte angivet" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7636,7 +7848,7 @@ msgstr "" "skall användas för att filtrera reglerna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7645,12 +7857,12 @@ msgstr "" "automatiskt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7659,12 +7871,12 @@ msgstr "" "attributet sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7673,7 +7885,7 @@ msgstr "" "attributet sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" @@ -7682,7 +7894,7 @@ msgstr "" "LDAP-serversidan!" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7695,12 +7907,12 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "AUTOFSALTERNATIV" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." @@ -7708,47 +7920,47 @@ msgstr "" "Några av standardvärdena för parametrar nedan är beroende på LDAP-schemat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "Namnet på automount master-kartan i LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "Standard: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "AVANCERADE ALTERNATIV" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7761,22 +7973,22 @@ msgstr "" "avaktivera denna funktion om gruppnamn inte visas korrekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7789,14 +8001,14 @@ msgstr "" "\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPEL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7806,7 +8018,7 @@ msgstr "" "till en av domänerna i avsnittet <replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7826,20 +8038,20 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "LDAP-ÅTKOMSTFILTEREXEMPEL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." @@ -7848,7 +8060,7 @@ msgstr "" "ldap_access_order=lockout används." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7874,13 +8086,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTER" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8230,11 +8442,267 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The user's authentication token has expired." +msgstr "Typen på autentiseringstecknet hos standardbindnings-DN." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +#, fuzzy +#| msgid "Unlock the user account." +msgid "The user account has expired." +msgstr "Lås upp användarkontot." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:414 +msgid "" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:424 +#, fuzzy +#| msgid "Configuration attributes" +msgid "Conversation failure." +msgstr "Konfigurationsattribut" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:464 msgid "FILES" msgstr "FILER" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -8246,7 +8714,7 @@ msgstr "" "man återställer ett lösenord." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -8265,7 +8733,7 @@ msgstr "" "medan alla andra användare endast får ha läsrättigheter." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -8790,13 +9258,28 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "Exempel: <SUBJECT>.*,DC=MIN,DC=DOMÄN" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +#, fuzzy +#| msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "Exempel: <SUBJECT>.*,DC=MIN,DC=DOMÄN" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "<ISSUER>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." @@ -8805,17 +9288,17 @@ msgstr "" "kommentarer för <SUBJECT> är tillämpliga här också." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "Exempel: <ISSUER>^CN=Min-CA,DC=MIN,DC=DOMÄN$" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "<KU>nyckelanvändning" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" @@ -8825,52 +9308,52 @@ msgstr "" "i en kommaseparerad lista:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "digitalSignature" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "nonRepudiation" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "keyEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "dataEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "keyAgreement" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "keyCertSign" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "cRLSign" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "encipherOnly" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "decipherOnly" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." @@ -8879,17 +9362,17 @@ msgstr "" "användas också för att täcka speciella användningsfall." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "Exempel: <KU>digitalSignature,keyEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "<EKU>utökad-nyckel-användning" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" @@ -8899,52 +9382,52 @@ msgstr "" "kommaseparerad lista:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "serverAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "clientAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "codeSigning" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "emailProtection" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "timeStamping" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "OCSPSigning" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "KPClientAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "pkinit" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "msScLogin" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." @@ -8953,17 +9436,17 @@ msgstr "" "sina OID:er i punktad decimal notation." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "Exempel: <EKU>clientAuth,1.3.6.1.5.2.3.4" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "<SAN>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -8974,62 +9457,62 @@ msgstr "" "<SAN:Principal> gör." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "Exempel: <SAN>.*@MITT\\.RIKE" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "<SAN:Principal>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "Matcha Kerberos-huvudmännen i PKINIT eller AD NT Principal " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "Exempel: <SAN:Principal>.*@MITT\\.RIKE" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "<SAN:ntPrincipalName>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "Matcha Kerberhos-huvudmän från AD NT Principal SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "Exempel: <SAN:ntPrincipalName>.*@MITT.AD.RIKE" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "<SAN:pkinit>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "Matcha Kerberos-huvudmän från PKINIT SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "Exempel: <SAN:ntPrincipalName>.*@MITT\\.PKINIT\\.RIKE" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "<SAN:dotted-decimal-oid>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -9040,17 +9523,17 @@ msgstr "" "reguljära uttrycket." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "Exempel: <SAN:1.2.3.4>test" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "<SAN:otherName>base64-sträng" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -9063,62 +9546,62 @@ msgstr "" "strängar." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "Exempel: <SAN:otherName>MTIz" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "<SAN:rfc822Name>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "Matcha värdet på rfc822Name SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "Exempel: <SAN:rfc822Name>.*@epost\\.domän" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "<SAN:dNSName>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "Matcha värdet på dNSName SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "Exempel: <SAN:dNSName>.*\\.min\\.dns\\.domän" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "<SAN:x400Address>base64-sträng" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "Matcha binärt värdet på x400Address SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "Exempel: <SAN:x400Address>MTIz" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "<SAN:directoryName>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." @@ -9127,67 +9610,67 @@ msgstr "" "ISSUER> och <SUBJECT> gäller här också." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "Exempel: <SAN:directoryName>.*,DC=com" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "<SAN:ediPartyName>base64-sträng" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "Matcha binärt värdet på ediPartyName SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "Exempel: <SAN:ediPartyName>MTIz" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "<SAN:uniformResourceIdentifier>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "Matcha värdet på uniformResourceIdentifier SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "Exempel: <SAN:uniformResourceIdentifier>URN:.*" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "<SAN:iPAddress>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "Matcha värdet på iPAddress SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "Exempel: <SAN:iPAddress>192\\.168\\..*" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "<SAN:registeredID>reguljärt-uttryck" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "Matcha värdet på registeredID SAN som punktad decimal sträng." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "Exempel: <SAN:registeredID>1\\.2\\.3\\..*" @@ -9200,12 +9683,12 @@ msgstr "" ">" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "MAPPNINGSREGEL" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -9216,7 +9699,7 @@ msgstr "" "användas för autentisering som ett av dessa konton." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -9236,7 +9719,7 @@ msgstr "" "sluta med ”(” respektive ”)”." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -9249,7 +9732,7 @@ msgstr "" "”ipaCertMapData” i IPA användas." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -9264,12 +9747,12 @@ msgstr "" "vara svårt att bryta mappningen avsiktligt för en specifik användare." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -9280,7 +9763,7 @@ msgstr "" "skall ett alternativ med prefixet ”_x500” användas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." @@ -9289,7 +9772,7 @@ msgstr "" "de används av AD, t.ex. ”S” istället för ”ST”." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." @@ -9298,7 +9781,7 @@ msgstr "" "som de används av NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." @@ -9307,7 +9790,7 @@ msgstr "" "NSS och LDAP/RFC 4514-ordning." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" @@ -9316,12 +9799,12 @@ msgstr "" "ad})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -9332,7 +9815,7 @@ msgstr "" "skall ett alternativ med prefixet ”_x500” användas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" @@ -9341,12 +9824,12 @@ msgstr "" "{subject_dn!nss_x500})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "{cert[!(bin|base64)]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -9361,17 +9844,17 @@ msgstr "" "attributet ”userCertificate;binary”." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "Exempel: (userCertificate;binary={cert!bin})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "{subject_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -9382,7 +9865,7 @@ msgstr "" "”short_name” representerar första delen av huvudmannen före tecknet ”@”." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" @@ -9391,12 +9874,12 @@ msgstr "" "(samAccountName={subject_principal.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "{subject_pkinit_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -9407,7 +9890,7 @@ msgstr "" "huvudmannen före tecknet ”@”." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" @@ -9416,12 +9899,12 @@ msgstr "" "(uid={subject_pkinit_principal.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "{subject_nt_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -9432,12 +9915,12 @@ msgstr "" "huvudmannen före tecknet ”@”." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "{subject_rfc822_name[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -9448,7 +9931,7 @@ msgstr "" "första delen av huvudmannen före tecknet ”@”." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" @@ -9457,12 +9940,12 @@ msgstr "" "short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "{subject_dns_name[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -9474,19 +9957,19 @@ msgstr "" "tecknet." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" "Exempel: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "{subject_uri}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." @@ -9495,17 +9978,17 @@ msgstr "" "uniformResourceIdentifier i SAN:en." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "Exempel: (uri={subject_uri})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "{subject_ip_address}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." @@ -9514,17 +9997,17 @@ msgstr "" "SAN:en." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "Exempel: (ip={subject_ip_address})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "{subject_x400_address}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." @@ -9533,19 +10016,19 @@ msgstr "" "SAN:en som en hex-sekvens med styrtecken." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "Exempel: (attr:binary={subject_x400_address})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." @@ -9554,17 +10037,17 @@ msgstr "" "directoryName i SAN:en." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "Exempel: (orig_dn={subject_directory_name})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "{subject_ediparty_name}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." @@ -9573,17 +10056,17 @@ msgstr "" "SAN:en som en hex-sekvens med styrtecken." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "Exempel: (attr:binary={subject_ediparty_name})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "{subject_registered_id}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." @@ -9592,12 +10075,12 @@ msgstr "" "SAN:en som en punktad decimal sträng." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "Exempel: (oid={subject_registered_id})" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -9612,12 +10095,12 @@ msgstr "" "”!”. Tillåtna värden är: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "DOMÄNLISTA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -9784,7 +10267,7 @@ msgstr "" "identifiera denna värd. Värdnamnet måste vara fullständigt kvalificerat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "dyndns_update (boolean)" @@ -9804,7 +10287,7 @@ msgstr "" "alternativet <quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9824,12 +10307,12 @@ msgstr "" "använda <emphasis>dyndns_update</emphasis> i sin konfigurationsfil." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9856,12 +10339,12 @@ msgid "Default: 1200 (seconds)" msgstr "Default: 1200 (sekunder)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "dyndns_iface (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9894,17 +10377,17 @@ msgstr "" "förbindelsen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "Exempel: dyndns_iface = em1, vnet1, vnet2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "dyndns_auth (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9915,7 +10398,7 @@ msgstr "" "sätta detta alternativ till ”none”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "Standard: GSS-TSIG" @@ -9925,7 +10408,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "Aktiverar DNS-sajter – platsbaserat tjänsteupptäckt." @@ -9949,7 +10432,7 @@ msgstr "" "upptäckten används som backup-servrar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (heltal)" @@ -9965,12 +10448,12 @@ msgstr "" "alternativ är valfritt och tillämpligt endast när dyndns_update är sann." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9993,12 +10476,12 @@ msgid "Default: False (disabled)" msgstr "Standard: False (avaktiverat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -10007,17 +10490,17 @@ msgstr "" "med DNS-servern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Standard: False (låt nsupdate välja protokollet)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "dyndns_server (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." @@ -10026,7 +10509,7 @@ msgstr "" "flesta uppsättningar rekommenderas det att låta detta alternativ vara osatt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." @@ -10035,7 +10518,7 @@ msgstr "" "skild från identitetsservern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." @@ -10045,17 +10528,17 @@ msgstr "" "inställningar misslyckas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "Standard: Ingen (låt nsupdate välja servern)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "dyndns_update_per_family (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10183,12 +10666,12 @@ msgstr "" "till bas-DN:en för att användas när LDAP-operationer utförs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." @@ -10197,7 +10680,7 @@ msgstr "" "för Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." @@ -10206,7 +10689,7 @@ msgstr "" "”none”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -10230,7 +10713,7 @@ msgstr "" "görs många begäranden om skrivbordsprofiler under en kort tid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "Standard: 5 (sekunder)" @@ -10386,6 +10869,7 @@ msgstr "Namn på attributet som har namnet på vyn." #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "Standard: cn" @@ -10583,7 +11067,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "KONFIGURATION AV BETRODDA DOMÄNER" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10594,30 +11078,37 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 -msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +#, fuzzy +#| msgid "" +#| "Some configuration options can be also set for a trusted domain. A " +#| "trusted domain configuration can either be done using a subsection, for " +#| "example: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" "Några konfigurationsalternativ kan även sättas för en betrodd domän. En " "konfiguration av en betrodd domän kan antingen göras med ett underavsnitt, " "till exempel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 +#, fuzzy +#| msgid "" +#| "used by the <citerefentry> <refentrytitle>sssd-kcm</refentrytitle> " +#| "<manvolnum>8</manvolnum> </citerefentry> service." msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"Dessutom kan några alternativ sättas i föräldradomänen och ärvas av den " -"betrodda domänen med alternativet <quote>subdomain_inherit</quote>. För " -"fler detaljer, se manualsidan <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." +"används av tjänsten <citerefentry> <refentrytitle>sssd-kcm</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." @@ -10626,61 +11117,61 @@ msgstr "" "på huruvida man konfigurerar SSSD på en IPA-server eller en IPA-klient." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "ALTERNATIV ATT STÄLLA IN PÅ IPA-MASTRAR" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" "Följande alternativ kan sättas i ett underdomänsavsnitt på en IPA-master:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "ad_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "ad_backup_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "ad_site" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "ldap_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "ldap_user_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "ldap_group_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "ALTERNATIV ATT STÄLLA IN PÅ IPA-KLIENTER" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" "Följande alternativ kan sättas i ett underdomänsavsnitt på en IPA-klient:" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." @@ -10689,7 +11180,7 @@ msgstr "" "quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10712,7 +11203,7 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10723,7 +11214,7 @@ msgstr "" "exempel visar endast alternativ som är specifika för leverantören ipa." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11028,31 +11519,42 @@ msgstr "ad_hostname (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 +#, fuzzy +#| msgid "" +#| "Optional. May be set on machines where the hostname(5) does not reflect " +#| "the fully qualified name used in the IPA domain to identify this host. " +#| "The hostname must be fully qualified." msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" "Valfri. Kan sättas på maskiner där hostname(5) inte avspeglar det " -"fullständigt kvalificerade namnet som används i Active Directory-domänen för " -"att identifiera denna värd." +"fullständigt kvalificerade namnet som används i IPA-domänen för att " +"identifiera denna värd. Värdnamnet måste vara fullständigt kvalificerat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 +#, fuzzy +#| msgid "" +#| "This field is used to determine the host principal in use in the keytab. " +#| "It must match the hostname for which the keytab was issued." msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" "Detta fält används för att avgöra värd-huvudmannen som används i keytab:en. " "Det måste stämma med värdnamnet som keytab:en gavs ut för." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -11069,12 +11571,12 @@ msgstr "" "sajtupptäckten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "ad_access_filter (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -11087,7 +11589,7 @@ msgstr "" "quote> för att detta alternativ skall ha någon effekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -11100,7 +11602,7 @@ msgstr "" "eller utelämnas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -11113,7 +11615,7 @@ msgstr "" "domäner från skogen som anges av <quote>NAMN</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." @@ -11122,7 +11624,7 @@ msgstr "" "sökbaser fungerar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -11143,7 +11645,7 @@ msgstr "" "utökningar</ulink>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -11156,7 +11658,7 @@ msgstr "" "med samma specifikation används den första." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -11186,12 +11688,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "ad_site (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." @@ -11200,12 +11702,12 @@ msgstr "" "alternativ inte anges kommer AD-sajten att automatupptäckas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -11218,7 +11720,7 @@ msgstr "" "endast ansluter till lDAP-porten på den aktuella AD-servern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -11231,12 +11733,12 @@ msgstr "" "användas för att slå upp gruppmedlemskap över domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -11251,32 +11753,25 @@ msgstr "" "quote> för att detta alternativ skall ha någon effekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 -#, fuzzy -#| msgid "" -#| "GPO-based access control functionality uses GPO policy settings to " -#| "determine whether or not a particular user is allowed to logon to a " -#| "particular host." +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " "information on the supported policy settings please refer to the " "<quote>ad_gpo_map</quote> options." msgstr "" -"GPO-baserad åtkomstkontrollsfunktionalitet använder GPO-policyinställningar " -"för att avgöra huruvida en viss användare tillåts att logga på en viss värd." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -11286,21 +11781,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -11310,28 +11805,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" -"OBS: Den nuvarande versionen av SSSD stödjer inte värd- (dator-)poster i GPO:" -"s ”säkerhetsfilter”-lista. Endast användar- och gruppposter stödjs. " -"Värdposter i listan har ingen effekt." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 -#, fuzzy -#| msgid "" -#| "NOTE: If the operation mode is set to enforcing, it is possible that " -#| "users that were previously allowed logon access will now be denied logon " -#| "access (as dictated by the GPO policy settings). In order to facilitate a " -#| "smooth transition for administrators, a permissive mode is available that " -#| "will not enforce the access control rules, but will evaluate them and " -#| "will output a syslog message if access would have been denied. By " -#| "examining the logs, administrators can then make the necessary changes " -#| "before setting the mode to enforcing." +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -11344,22 +11818,14 @@ msgid "" "functions' is required (see <citerefentry> <refentrytitle>sssctl</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page)." msgstr "" -"OBS: Om arbetsläget är satt till tvingande är det möjligt att användare som " -"tidigare tilläts inloggningsåtkomst nu kommer att nekas inloggningsåtkomst " -"(som det dikteras av GPO-policyinställningarna). För att möjliggöra en " -"smidig övergång för administratörer är ett tillåtande läge tillgängligt som " -"inte kommer tvinga reglerna för åtkomstkontroll, men kommer beräkna dem och " -"skriva ut ett syslog-meddelande om åtkomst skulle ha nekats. Genom att " -"granska loggarna kan administratörer sedan göra de nödvändiga ändringarna " -"före de ställer in arbetsläget till tvingande." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "Det finns tre stödda värden för detta alternativ:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" @@ -11367,12 +11833,12 @@ msgstr "" "påtvingas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "enforcing: GPO-baserade åtkomstkontrollregler evalueras och påtvingas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -11383,22 +11849,22 @@ msgstr "" "skulle ha nekats åtkomst om detta alternativs värde vore satt till enforcing." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "Standard: permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "Standard: enforcing" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "ad_gpo_implicit_deny (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -11416,12 +11882,12 @@ msgstr "" "tillämpliga på dem." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "ad_gpo_ignore_unreadable (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -11436,12 +11902,12 @@ msgstr "" "för SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -11452,12 +11918,12 @@ msgstr "" "begäranden om åtkomstkontroll under en kort tid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -11473,7 +11939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." @@ -11482,7 +11948,7 @@ msgstr "" "”Tillåt inloggning lokalt” och ”Neka inloggning lokalt”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -11492,7 +11958,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11512,42 +11978,42 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "gdm-fingerprint" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "lightdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "lxdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "sddm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "unity" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "xdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -11563,7 +12029,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -11574,7 +12040,7 @@ msgstr "" "fjärrinloggningstjänter”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -11584,7 +12050,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11604,22 +12070,22 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "sshd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "cockpit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -11635,7 +12101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -11646,7 +12112,7 @@ msgstr "" "nätverket”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -11656,7 +12122,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11676,22 +12142,22 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "ftp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "samba" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -11706,7 +12172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." @@ -11716,7 +12182,7 @@ msgstr "" "jobb”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -11726,7 +12192,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11746,7 +12212,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" @@ -11754,17 +12220,17 @@ msgstr "" "används." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "crond" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -11780,7 +12246,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." @@ -11789,7 +12255,7 @@ msgstr "" "”Tillåt inloggning som en tjänst” och ”Neka inloggning som en tjänst”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -11799,7 +12265,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -11817,12 +12283,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." @@ -11831,7 +12297,7 @@ msgstr "" "alltid tillåts, oavsett några andra GPO-inloggningsrättigheter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -11841,7 +12307,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11861,22 +12327,22 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "polkit-1" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "systemd-user" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." @@ -11885,7 +12351,7 @@ msgstr "" "alltid nekas, oavsett några andra GPO-inloggningsrättigheter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11895,12 +12361,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11922,57 +12388,57 @@ msgstr "" "för omappade PAM-tjänstenamn." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "Värden som stödjs för detta alternativ inkluderar:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "remote_interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "network" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "batch" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "service" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "permit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "deny" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "Standard: deny" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "ad_maximum_machine_account_password_age (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11983,17 +12449,17 @@ msgstr "" "förhindra förnyelseförsöket." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "Standard: 30 dagar" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "ad_machine_account_password_renewal_opts (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -12008,12 +12474,46 @@ msgstr "" "i sekunder före funktionen körs för första gången efter uppstart." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "Standard: 86400:750 (24h och 15m)" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +#, fuzzy +#| msgid "ad_maximum_machine_account_password_age (integer)" +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "ad_maximum_machine_account_password_age (heltal)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +#, fuzzy +#| msgid "ldap_id_use_start_tls (boolean)" +msgid "ad_use_ldaps (bool)" +msgstr "ldap_id_use_start_tls (boolean)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -12030,12 +12530,12 @@ msgstr "" "på annat sätt med alternativet <quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "Standard: 3600 (sekunder)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" @@ -12044,7 +12544,7 @@ msgstr "" "förbindelsen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -12059,12 +12559,12 @@ msgstr "" "mindre än 60 ges kommer parametern endast anta det lägsta värdet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Standard: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -12075,7 +12575,7 @@ msgstr "" "exempel visar endast alternativ som är specifika för leverantören AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -12099,7 +12599,7 @@ msgstr "" "ad_domain = exempel.se\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -12111,7 +12611,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -12122,7 +12622,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -12137,7 +12637,7 @@ msgstr "" "krypteringsdetaljer) manuellt." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12754,16 +13254,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:259 -#, fuzzy -#| msgid "" -#| "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " -#| "applications will not use the fast in memory cache." msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in-memory cache." msgstr "" -"Om miljövariabeln SSS_NSS_USE_MEMCACHE är satt till ”NO” kommer " -"klientprogram inte använda den snabba cachen i minnet." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 @@ -13461,9 +13955,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:47 +#, fuzzy +#| msgid "" +#| "This backend also provides access control based on the .k5login file in " +#| "the home directory of the user. See <citerefentry> <refentrytitle>." +#| "k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more " +#| "details. Please note that an empty .k5login file will deny all access to " +#| "this user. To activate this feature, use 'access_provider = krb5' in your " +#| "SSSD configuration." msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -14016,38 +14518,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:518 -#, fuzzy -#| msgid "" -#| "The krb5_kdcinfo_lookahead option contains two numbers seperated by a " -#| "colon. The first number represents number of primary servers used and the " -#| "second number specifies the number of backup servers." msgid "" "The krb5_kdcinfo_lookahead option contains two numbers separated by a colon. " "The first number represents number of primary servers used and the second " "number specifies the number of backup servers." msgstr "" -"Alternativet krb5_kdcinfo_lookahead innehåller två tal separerade av ett " -"kolon. Det första talet representerar antalet primärservrar som används och " -"det andra talet anger antalet reservservrar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:524 -#, fuzzy -#| msgid "" -#| "For example <emphasis>10:0</emphasis> means that up to 10 primary servers " -#| "will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" -#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " -#| "servers." msgid "" "For example <emphasis>10:0</emphasis> means that up to 10 primary servers " "will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> but no backup " "servers." msgstr "" -"Till exempel betyder <emphasis>10:0</emphasis> att upp till 10 primärservrar " -"kommer lämnas till<citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. men inga " -"reservservrar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:533 @@ -17121,21 +17605,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-kcm.8.xml:61 -#, fuzzy -#| msgid "" -#| "the SSSD implementation stores the ccaches in the SSSD <citerefentry> " -#| "<refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</manvolnum> </" -#| "citerefentry> secrets store, allowing the ccaches to survive KCM server " -#| "restarts or machine reboots." msgid "" "the SSSD implementation stores the ccaches in a database, typically located " "at <replaceable>/var/lib/sss/secrets</replaceable> allowing the ccaches to " "survive KCM server restarts or machine reboots." msgstr "" -"SSSD-implementationen sparar ccache:rna i SSSD:s hemlighetsförråd " -"<citerefentry> <refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, vilket gör att ccache:rna kan överleva att KCM-" -"servern eller hela maskinen startas om." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:67 @@ -17322,24 +17796,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:175 -#, fuzzy -#| msgid "" -#| "This manual page describes the files provider for <citerefentry> " -#| "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </" -#| "citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -#| "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -#| "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgid "" "The KCM service is configured in the <quote>kcm</quote> For a detailed " "syntax reference, refer to the <quote>FILE FORMAT</quote> section of the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" -"Denna manualsida besriver filleverantören till <citerefentry> " -"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </" -"citerefentry>. För en detaljerad referens om syntaxen, se avsnittet " -"<quote>FILFORMAT</quote> i manualsidan <citerefentry> <refentrytitle>sssd." -"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:183 @@ -17373,10 +17835,8 @@ msgstr "Standard: <replaceable>/var/run/.heim_org.h5l.kcm-socket</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "max_secrets (integer)" msgid "max_ccaches (integer)" -msgstr "max_secrets (heltal)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 @@ -17390,10 +17850,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "max_uid_secrets (integer)" msgid "max_uid_ccaches (integer)" -msgstr "max_uid_secrets (heltal)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -17404,17 +17862,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 64" -msgstr "Standard: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "max_payload_size (integer)" msgid "max_ccache_size (integer)" -msgstr "max_payload_size (heltal)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -17425,10 +17879,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 65536" -msgstr "Standard: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -17608,13 +18060,7 @@ msgstr "Känner av funktionen sdap_get_generic_ext_send()." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:152 -#, fuzzy, no-wrap -#| msgid "" -#| "base:string\n" -#| "scope:integer\n" -#| "filter:string\n" -#| "probestr:string\n" -#| " " +#, no-wrap msgid "" "base:string\n" "scope:integer\n" @@ -17623,11 +18069,6 @@ msgid "" "probestr:string\n" " " msgstr "" -"base:sträng\n" -"scope:heltal\n" -"filter:sträng\n" -"probestr:sträng\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:161 @@ -17657,10 +18098,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:176 -#, fuzzy -#| msgid "probe sdap_deref_send" msgid "probe sdap_parse_entry" -msgstr "testpunkt sdap_deref_send" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:179 @@ -17671,24 +18110,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:184 -#, fuzzy, no-wrap -#| msgid "" -#| "filter:string\n" -#| " " +#, no-wrap msgid "" "attr:string\n" "value:string\n" " " msgstr "" -"filter:sträng\n" -" " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:190 -#, fuzzy -#| msgid "probe dp_req_done" msgid "probe sdap_parse_entry_done" -msgstr "testpunkt dp_req_done" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:193 @@ -17976,10 +18408,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:439 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_perf.stp" -msgstr "ldap_deref (sträng)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:442 @@ -17998,28 +18428,16 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap-attributes.5.xml:10 sssd-ldap-attributes.5.xml:16 -#, fuzzy -#| msgid "sssd-ldap" msgid "sssd-ldap-attributes" -msgstr "sssd-ldap" +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap-attributes.5.xml:17 -#, fuzzy -#| msgid "SSSD LDAP provider" msgid "SSSD LDAP Provider: Mapping Attributes" -msgstr "SSSD LDAP-leverantör" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap-attributes.5.xml:23 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of LDAP domains for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. Refer to the <quote>FILE FORMAT</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " -#| "information." msgid "" "This manual page describes the mapping attributes of SSSD LDAP provider " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -18027,11 +18445,6 @@ msgid "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page " "for full details about SSSD LDAP provider configuration options." msgstr "" -"Denna manualsida beskriver beskriver konfigurationen av LDAP-domäner för " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Se avsnittet <quote>FILFORMAT</quote> av manualsidan " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> för detaljerad syntaxinformation." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:38 @@ -18907,10 +19320,8 @@ msgstr "ldap_group_modify_timestamp (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:742 -#, fuzzy -#| msgid "ldap_group_name (string)" msgid "ldap_group_type (string)" -msgstr "ldap_group_name (sträng)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:745 @@ -19132,10 +19543,8 @@ msgstr "LDAP-attributet som innehåller UUID/GUID för ett LDAP-värdobjekt." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:968 -#, fuzzy -#| msgid "SERVICES SECTIONS" msgid "SERVICE ATTRIBUTES" -msgstr "TJÄNSTESEKTIONER" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:972 @@ -19380,10 +19789,140 @@ msgstr "Standard: sudoOrder" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:1177 -#, fuzzy -#| msgid "AUTOFS OPTIONS" msgid "AUTOFS ATTRIBUTES" -msgstr "AUTOFSALTERNATIV" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +#, fuzzy +#| msgid "ldap_host_object_class (string)" +msgid "ldap_iphost_object_class (string)" +msgstr "ldap_host_object_class (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +#, fuzzy +#| msgid "The object class of a host entry in LDAP." +msgid "The object class of an iphost entry in LDAP." +msgstr "Objektklassen hos en värdpost i LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: host" +msgid "Default: ipHost" +msgstr "Standard: host" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "ldap_host_name (string)" +msgid "ldap_iphost_name (string)" +msgstr "ldap_host_name (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" +"LDAP-attributet som innehåller namnet på tjänsteattribut och deras alias." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +#, fuzzy +#| msgid "ldap_host_name (string)" +msgid "ldap_iphost_number (string)" +msgstr "ldap_host_name (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +#, fuzzy +#| msgid "The LDAP attribute that contains the host's SSH public keys." +msgid "The LDAP attribute that contains the IP host address." +msgstr "LDAP-attributet som innehåller värdens publika SSH-nycklar." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipHostNumber" +msgstr "Standard: uidNumber" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +#, fuzzy +#| msgid "ldap_netgroup_object_class (string)" +msgid "ldap_ipnetwork_object_class (string)" +msgstr "ldap_netgroup_object_class (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +#, fuzzy +#| msgid "The object class of a netgroup entry in LDAP." +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "Objektklassen hos en nätgruppspost i LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: password" +msgid "Default: ipNetwork" +msgstr "Standard: password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "ldap_netgroup_name (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "ldap_netgroup_name (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" +"LDAP-attributet som innehåller namnet på tjänsteattribut och deras alias." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_ipnetwork_number (string)" +msgstr "ldap_user_uid_number (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the IP network address." +msgstr "LDAP-attributet som innehåller användarens publika SSH-nycklar." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipNetworkNumber" +msgstr "Standard: uidNumber" #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 @@ -19552,9 +20091,13 @@ msgstr "För mer information om tjänsteupptäcktsmekanismen, se RFC 2782." #. type: Content of: <refentryinfo> #: include/upstream.xml:2 +#, fuzzy +#| msgid "" +#| "<productname>SSSD</productname> <orgname>The SSSD upstream - https://" +#| "pagure.io/SSSD/sssd/</orgname>" msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" "<productname>SSSD</productname> <orgname>SSSD uppströms – https://pagure.io/" "SSSD/sssd/</orgname>" @@ -19691,19 +20234,15 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 -#, fuzzy -#| msgid "dns_resolver_timeout" msgid "dns_resolver_server_timeout" -msgstr "dns_resolver_timeout" +msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 -#, fuzzy -#| msgid "How long would SSSD talk to a single DNS server." msgid "" "Time in milliseconds that sets how long would SSSD talk to a single DNS " "server before trying next one." -msgstr "Hur länge SSSD skall prata med en enskild DNS-server." +msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:90 @@ -19749,13 +20288,6 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:123 -#, fuzzy -#| msgid "" -#| "For LDAP-based providers, the resolve operation is performed as part of " -#| "an LDAP connection operation. Therefore, also the " -#| "<quote>ldap_opt_timeout></quote> timeout should be set to a larger value " -#| "than <quote>dns_resolver_timeout</quote> which in turn should be set to a " -#| "larger value than <quote>dns_resolver_op_timeout</quote>." msgid "" "For LDAP-based providers, the resolve operation is performed as part of an " "LDAP connection operation. Therefore, also the <quote>ldap_opt_timeout></" @@ -19764,11 +20296,6 @@ msgid "" "value than <quote>dns_resolver_op_timeout</quote> which should be larger " "than <quote>dns_resolver_server_timeout</quote>." msgstr "" -"För LDAP-baserade leverantörer utförs uppslagningsoperationen som en del av " -"LDAP-anslutningsoperationen. Därför skall även tidsgränsen " -"<quote>ldap_opt_timeout></quote> sättas till ett större värde än " -"<quote>dns_resolver_timeout</quote> som i sin tur skall sättas till ett " -"större värde än <quote>dns_resolver_op_timeout</quote>." #. type: Content of: <refsect1><title> #: include/ldap_id_mapping.xml:2 @@ -20422,6 +20949,19 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 +#, fuzzy +#| msgid "" +#| "<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Extremely low-level " +#| "tracing information." +msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" +"<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Spårningsinformation på " +"extremt låg nivå." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" @@ -20430,7 +20970,7 @@ msgstr "" "tal som visas i följande exempel:" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." @@ -20439,7 +20979,7 @@ msgstr "" "allvarliga fel och funktionsdata, använd 0x0270." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." @@ -20449,7 +20989,7 @@ msgstr "" "styrfunktioner, använd 0x1310." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." @@ -20458,14 +20998,18 @@ msgstr "" "introducerades i 1.7.0." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "<emphasis>Standard</emphasis>: 0" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 +#, fuzzy +#| msgid "" +#| "<emphasis> This is an experimental feature, please use https://pagure.io/" +#| "SSSD/sssd/ to report any issues. </emphasis>" msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" "<emphasis> Detta är en experimentell funktion, använd https://pagure.io/SSSD/" @@ -20836,8 +21380,10 @@ msgstr "ldap_id_mapping = true" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" -msgstr "ldap_sasl_mech = gssapi" +#, fuzzy +#| msgid "ldap_sasl_mech = GSSAPI" +msgid "ldap_sasl_mech = GSS-SPNEGO" +msgstr "ldap_sasl_mech = GSSAPI" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:48 @@ -21010,91 +21556,40 @@ msgid "ldap_group_external_member = ipaExternalMember" msgstr "ldap_group_external_member = ipaExternalMember" #~ msgid "" -#~ "The background refresh will process users, groups and netgroups in the " -#~ "cache." -#~ msgstr "" -#~ "Bakgrundsuppdateringen kommer bearbeta användare, grupper och nätgrupper " -#~ "i cachen." - -#~ msgid "Default: homeDirectory" -#~ msgstr "Standard: homeDirectory" - -#~ msgid "ldap_group_type (integer)" -#~ msgstr "ldap_group_type (heltal)" - -#~ msgid "" -#~ "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#~ "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -#~ "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -#~ "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" +#~ "The authentication token of the default bind DN. Only clear text " +#~ "passwords are currently supported." #~ msgstr "" -#~ "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#~ "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -#~ "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -#~ "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" +#~ "Autentiseringstecknet hos standardbindnings-DN. Endast lösenord i " +#~ "klartext stödjs för närvarande." #~ msgid "" -#~ "A comma-separated list of PAM service names for which GPO-based access " -#~ "control is evaluated based on the InteractiveLogonRight and " -#~ "DenyInteractiveLogonRight policy settings." +#~ "In addition, some options can be set in the parent domain and inherited " +#~ "by the trusted domain using the <quote>subdomain_inherit</quote> option. " +#~ "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" +#~ "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." #~ msgstr "" -#~ "En kommaseparerad lista av PAM-tjänstenamn för vilka GPO-baserad " -#~ "åtkomstkontroll beräknas baserat på policyinställningarna " -#~ "InteractiveLogonRight och DenyInteractiveLogonRight." +#~ "Dessutom kan några alternativ sättas i föräldradomänen och ärvas av den " +#~ "betrodda domänen med alternativet <quote>subdomain_inherit</quote>. För " +#~ "fler detaljer, se manualsidan <citerefentry> <refentrytitle>sssd.conf</" +#~ "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #~ msgid "" -#~ "A comma-separated list of PAM service names for which GPO-based access " -#~ "control is evaluated based on the RemoteInteractiveLogonRight and " -#~ "DenyRemoteInteractiveLogonRight policy settings." +#~ "Optional. May be set on machines where the hostname(5) does not reflect " +#~ "the fully qualified name used in the Active Directory domain to identify " +#~ "this host." #~ msgstr "" -#~ "En kommaseparerad lista av PAM-tjänstenamn för vilka GPO-baserad " -#~ "åtkomstkontroll beräknas baserat på policyinställningarna " -#~ "RemoteInteractiveLogonRight och DenyRemoteInteractiveLogonRight." +#~ "Valfri. Kan sättas på maskiner där hostname(5) inte avspeglar det " +#~ "fullständigt kvalificerade namnet som används i Active Directory-domänen " +#~ "för att identifiera denna värd." #~ msgid "" -#~ "A comma-separated list of PAM service names for which GPO-based access " -#~ "control is evaluated based on the NetworkLogonRight and " -#~ "DenyNetworkLogonRight policy settings." +#~ "NOTE: The current version of SSSD does not support host (computer) " +#~ "entries in the GPO 'Security Filtering' list. Only user and group entries " +#~ "are supported. Host entries in the list have no effect." #~ msgstr "" -#~ "En kommaseparerad lista av PAM-tjänstenamn för vilka GPO-baserad " -#~ "åtkomstkontroll beräknas baserat på policyinställningarna " -#~ "NetworkLogonRight och DenyNetworkLogonRight." +#~ "OBS: Den nuvarande versionen av SSSD stödjer inte värd- (dator-)poster i " +#~ "GPO:s ”säkerhetsfilter”-lista. Endast användar- och gruppposter stödjs. " +#~ "Värdposter i listan har ingen effekt." -#~ msgid "" -#~ "A comma-separated list of PAM service names for which GPO-based access " -#~ "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " -#~ "policy settings." -#~ msgstr "" -#~ "En kommaseparerad lista av PAM-tjänstenamn för vilka GPO-baserad " -#~ "åtkomstkontroll beräknas baserat på policyinställningarna BatchLogonRight " -#~ "och DenyBatchLogonRight." - -#~ msgid "" -#~ "A comma-separated list of PAM service names for which GPO-based access " -#~ "control is evaluated based on the ServiceLogonRight and " -#~ "DenyServiceLogonRight policy settings." -#~ msgstr "" -#~ "En kommaseparerad lista av PAM-tjänstenamn för vilka GPO-baserad " -#~ "åtkomstkontroll beräknas baserat på policyinställningarna " -#~ "ServiceLogonRight och DenyServiceLogonRight." - -#~ msgid "" -#~ "The KCM service is configured in the <quote>kcm</quote> section of the " -#~ "sssd.conf file. Please note that currently, is it not sufficient to " -#~ "restart the sssd-kcm service, because the sssd configuration is only " -#~ "parsed and read to an internal configuration database by the sssd " -#~ "service. Therefore you must restart the sssd service if you change " -#~ "anything in the <quote>kcm</quote> section of sssd.conf. For a detailed " -#~ "syntax reference, refer to the <quote>FILE FORMAT</quote> section of the " -#~ "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#~ "manvolnum> </citerefentry> manual page." -#~ msgstr "" -#~ "Tjänsten KCM konfigureras i avsnittet <quote>kcm</quote> av filen sssd." -#~ "conf file. Observera att för närvarande är det inte tillräckligt att " -#~ "starta om tjänsten sssd-kcm, eftersom konfigurationen av sssd bara tolkas " -#~ "och läses till en intern konfigurationsdatabas av tjänsten sssd. Därför " -#~ "måste man starta om tjänsten sssd om man ändrar något i avsnittet " -#~ "<quote>kcm</quote> av sssd.conf. för en detaljerad syntaxreferens, se " -#~ "avsnittet <quote>FILFORMAT</quote> manualsidan <citerefentry> " -#~ "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -#~ "citerefentry>." +#~ msgid "ldap_sasl_mech = gssapi" +#~ msgstr "ldap_sasl_mech = gssapi" diff --git a/src/man/po/tg.po b/src/man/po/tg.po index d723e7aa18..b025a75978 100644 --- a/src/man/po/tg.po +++ b/src/man/po/tg.po @@ -5,9 +5,9 @@ # Translators: msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2014-12-15 12:10+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -293,10 +293,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Пешфарз: true" @@ -315,21 +315,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Пешфарз: false" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -353,8 +354,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Пешфарз: 10" @@ -369,7 +370,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "" @@ -449,7 +450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "" @@ -469,12 +470,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -482,39 +483,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -523,7 +524,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" @@ -652,8 +653,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -762,10 +763,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 5" msgid "Default: sha256" -msgstr "Пешфарз: 5" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -876,12 +875,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -965,8 +964,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1042,7 +1041,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1102,8 +1101,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1180,7 +1179,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "Пешфарз: 50" @@ -1198,7 +1197,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "Пешфарз: 15" @@ -1708,7 +1707,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1721,7 +1720,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1735,7 +1734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "Пешфарз: 0" @@ -1798,8 +1797,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1864,8 +1863,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1877,64 +1876,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1942,7 +1941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1954,63 +1953,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2018,12 +2017,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2034,15 +2033,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2050,7 +2049,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2058,13 +2057,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: root" +msgid "Default: no_session" +msgstr "Пешфарз: root" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2075,24 +2130,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2102,22 +2157,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2125,51 +2180,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2178,12 +2233,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2193,36 +2248,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2233,7 +2312,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2244,24 +2323,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2269,12 +2348,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2283,24 +2362,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2310,66 +2389,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2377,17 +2456,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2395,7 +2474,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2403,22 +2482,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2427,14 +2506,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2443,38 +2522,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2483,24 +2562,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2509,29 +2588,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "Пешфарз: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2545,14 +2624,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2561,39 +2640,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2602,19 +2681,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2625,115 +2704,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "Пешфарз: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +msgid "entry_cache_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +msgid "entry_cache_computer_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2742,42 +2845,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2785,24 +2900,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2811,17 +2926,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "Пешфарз: 0 (номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2830,34 +2945,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2865,7 +2980,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2873,8 +2988,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2883,8 +2998,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2892,19 +3007,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2913,7 +3028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2921,22 +3036,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2948,7 +3065,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2956,19 +3073,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2976,7 +3093,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2984,35 +3101,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3020,19 +3137,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3041,7 +3158,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3049,29 +3166,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3079,7 +3196,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3087,35 +3204,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3123,32 +3240,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3159,7 +3276,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3168,12 +3285,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3181,7 +3298,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3189,31 +3306,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3221,7 +3338,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3230,17 +3347,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3248,43 +3365,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3292,7 +3409,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3300,7 +3417,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3308,24 +3425,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3333,12 +3450,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +msgid "resolver_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3348,7 +3506,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3357,29 +3515,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3387,7 +3545,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3397,59 +3555,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3458,77 +3616,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Пешфарз: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3536,7 +3694,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3545,17 +3703,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3563,34 +3721,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3598,32 +3756,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3633,34 +3791,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3669,19 +3827,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3689,24 +3847,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3715,24 +3873,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3742,14 +3900,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3757,21 +3915,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3779,7 +3937,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3788,7 +3946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3797,7 +3955,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3805,29 +3963,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3835,12 +3993,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3849,12 +4020,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3862,19 +4033,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3891,7 +4062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3899,17 +4070,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3918,7 +4089,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3928,7 +4099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3948,12 +4119,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3961,73 +4132,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "Пешфарз: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4035,17 +4206,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4054,17 +4225,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4072,17 +4243,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4090,17 +4261,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4111,69 +4282,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4186,7 +4357,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4194,7 +4365,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4203,55 +4374,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4260,17 +4431,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4278,26 +4449,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4306,17 +4477,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4326,7 +4497,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4335,59 +4506,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4395,14 +4566,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4410,7 +4581,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4418,12 +4589,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4453,7 +4624,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4462,7 +4633,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4470,7 +4641,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4481,7 +4652,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4495,7 +4666,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4645,7 +4816,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "Намунаҳо:" @@ -4817,25 +4988,30 @@ msgstr "" msgid "Default: password" msgstr "Пешфарз: парол" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4844,24 +5020,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4869,7 +5045,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4878,12 +5054,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4891,7 +5067,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4901,7 +5077,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4911,34 +5087,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "Пешфарз: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -4946,30 +5122,40 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 -msgid "ldap_search_timeout (integer)" +#: sssd-ldap.5.xml:428 +msgid "ldap_iphost_search_base (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +msgid "ldap_ipnetwork_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 +msgid "ldap_search_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:441 +msgid "" +"Specifies the timeout (in seconds) that ldap searches are allowed to run " +"before they are cancelled and cached results are returned (and offline mode " "is entered)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4977,12 +5163,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4990,12 +5176,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5006,12 +5192,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5020,12 +5206,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5034,34 +5220,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +msgid "ldap_connection_expire_offset (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5069,14 +5274,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5084,17 +5289,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5104,12 +5309,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5117,17 +5322,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +msgid "ldap_sasl_maxssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5135,7 +5353,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5146,7 +5364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5155,7 +5373,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5163,26 +5381,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5190,7 +5408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5198,7 +5416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5206,41 +5424,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5249,32 +5467,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5282,24 +5500,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5307,17 +5525,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5328,24 +5546,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5356,12 +5574,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5374,7 +5592,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5386,17 +5604,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5404,49 +5622,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "Пешфарз: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5454,28 +5672,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5487,7 +5705,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5495,7 +5713,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5503,39 +5721,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5545,7 +5763,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5553,26 +5771,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5580,7 +5798,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5588,31 +5806,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5621,56 +5839,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5686,12 +5904,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "Намуна:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5700,14 +5918,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5716,24 +5934,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5741,19 +5959,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5762,7 +5980,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5770,7 +5988,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5779,7 +5997,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5787,22 +6005,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5812,14 +6030,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5832,12 +6050,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5847,7 +6065,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5857,63 +6075,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5922,74 +6140,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6000,7 +6218,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6008,24 +6226,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6042,12 +6260,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6055,36 +6273,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6092,14 +6310,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6109,101 +6327,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6212,59 +6430,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6273,22 +6491,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6297,14 +6515,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "НАМУНА" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6312,7 +6530,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6325,27 +6543,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6361,13 +6579,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЭЗОҲҲО" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6525,124 +6743,374 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:172 -msgid "<option>allow_missing_name</option>" +#: pam_sss.8.xml:172 +msgid "<option>allow_missing_name</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:176 +msgid "" +"The main purpose of this option is to let SSSD determine the user name based " +"on additional information, e.g. the certificate from a Smartcard." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> +#: pam_sss.8.xml:186 +#, no-wrap +msgid "" +"auth sufficient pam_sss.so allow_missing_name\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:181 +msgid "" +"The current use case are login managers which can monitor a Smartcard reader " +"for card events. In case a Smartcard is inserted the login manager will call " +"a PAM stack which includes a line like <placeholder type=\"programlisting\" " +"id=\"0\"/> In this case SSSD will try to determine the user name based on " +"the content of the Smartcard, returns it to pam_sss which will finally put " +"it on the PAM stack." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:196 +msgid "<option>prompt_always</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:200 +msgid "" +"Always prompt the user for credentials. With this option credentials " +"requested by other PAM modules, typically a password, will be ignored and " +"pam_sss will prompt for credentials again. Based on the pre-auth reply by " +"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:176 -msgid "" -"The main purpose of this option is to let SSSD determine the user name based " -"on additional information, e.g. the certificate from a Smartcard." +#: pam_sss.8.xml:390 +msgid "The user account has expired." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> -#: pam_sss.8.xml:186 -#, no-wrap -msgid "" -"auth sufficient pam_sss.so allow_missing_name\n" -" " +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:181 -msgid "" -"The current use case are login managers which can monitor a Smartcard reader " -"for card events. In case a Smartcard is inserted the login manager will call " -"a PAM stack which includes a line like <placeholder type=\"programlisting\" " -"id=\"0\"/> In this case SSSD will try to determine the user name based on " -"the content of the Smartcard, returns it to pam_sss which will finally put " -"it on the PAM stack." +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:196 -msgid "<option>prompt_always</option>" +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:200 -msgid "" -"Always prompt the user for credentials. With this option credentials " -"requested by other PAM modules, typically a password, will be ignored and " -"pam_sss will prompt for credentials again. Based on the pre-auth reply by " -"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " -"credentials." +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 +#: pam_sss.8.xml:414 msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:424 +msgid "Conversation failure." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "ФАЙЛҲО" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6650,7 +7118,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6662,7 +7130,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7057,168 +7525,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7226,62 +7707,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7289,17 +7770,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7308,129 +7789,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7441,12 +7922,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7454,7 +7935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7466,7 +7947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7475,7 +7956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7485,12 +7966,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7498,40 +7979,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7539,19 +8020,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7561,17 +8042,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7579,19 +8060,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7599,19 +8080,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7619,12 +8100,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7632,19 +8113,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7652,116 +8133,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7771,12 +8252,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7897,7 +8378,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7912,7 +8393,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7927,12 +8408,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -7953,12 +8434,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -7982,17 +8463,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8000,7 +8481,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8010,7 +8491,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8027,7 +8508,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8040,12 +8521,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8064,60 +8545,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8231,26 +8712,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8269,7 +8750,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8406,6 +8887,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8578,7 +9060,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8588,88 +9070,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8683,7 +9165,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8691,7 +9173,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8916,25 +9398,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8945,12 +9429,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -8959,7 +9443,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -8968,7 +9452,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -8977,14 +9461,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -8997,7 +9481,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9006,7 +9490,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9024,24 +9508,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9050,7 +9534,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9059,12 +9543,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9074,7 +9558,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9083,16 +9567,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9102,21 +9586,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9126,15 +9610,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9149,23 +9625,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9173,22 +9649,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9199,12 +9675,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9214,12 +9690,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9227,12 +9703,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9248,14 +9724,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9263,7 +9739,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9275,42 +9751,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9326,7 +9802,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9334,7 +9810,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9342,7 +9818,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9354,22 +9830,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9385,7 +9861,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9393,7 +9869,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9401,7 +9877,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9413,22 +9889,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9443,14 +9919,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9458,7 +9934,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9470,23 +9946,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9502,14 +9978,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9517,7 +9993,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9528,19 +10004,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9548,7 +10024,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9560,29 +10036,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9590,12 +10066,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9608,57 +10084,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9666,17 +10142,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9686,12 +10162,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +msgid "ad_use_ldaps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9702,19 +10208,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9724,12 +10230,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9737,7 +10243,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9752,7 +10258,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9761,7 +10267,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9769,7 +10275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9779,7 +10285,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10821,7 +11327,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -13898,10 +14404,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 64" -msgstr "Пешфарз: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 @@ -13917,10 +14421,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 65536" -msgstr "Пешфарз: 6" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -15661,6 +16163,108 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +msgid "ldap_iphost_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: root" +msgid "Default: ipHost" +msgstr "Пешфарз: root" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +msgid "ldap_iphost_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +msgid "ldap_iphost_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipHostNumber" +msgstr "Пешфарз: true" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +msgid "ldap_ipnetwork_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: password" +msgid "Default: ipNetwork" +msgstr "Пешфарз: парол" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +msgid "ldap_ipnetwork_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +msgid "ldap_ipnetwork_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: true" +msgid "Default: ipNetworkNumber" +msgstr "Пешфарз: true" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15807,8 +16411,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16465,40 +17069,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16780,7 +17391,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> diff --git a/src/man/po/uk.po b/src/man/po/uk.po index 16d288464f..75ab055497 100644 --- a/src/man/po/uk.po +++ b/src/man/po/uk.po @@ -12,10 +12,10 @@ # Yuri Chornoivan <yurchor@ukr.net>, 2019. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" -"PO-Revision-Date: 2019-06-14 04:59+0000\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" +"PO-Revision-Date: 2019-12-03 01:50+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/" "uk/)\n" @@ -361,10 +361,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Типове значення: true" @@ -386,21 +386,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Типове значення: false" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -428,8 +429,8 @@ msgstr "" "самостійно." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Типове значення: 10" @@ -444,7 +445,7 @@ msgid "The [sssd] section" msgstr "Розділ [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "Параметри розділу" @@ -546,7 +547,7 @@ msgstr "" "ASCII, дефісів, крапок та знаків підкреслювання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "re_expression (рядок)" @@ -572,12 +573,12 @@ msgstr "" "ДОМЕНІВ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "full_name_format (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -589,32 +590,32 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "ім’я користувача" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "назва домену у форматі, вказаному у файлі налаштувань SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -623,7 +624,7 @@ msgstr "" "Directory, налаштованих та автоматично виявлених за зв’язками довіри IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -633,8 +634,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 +#, fuzzy +#| msgid "" +#| "Each domain can have an individual format string configured. see DOMAIN " +#| "SECTIONS for more info on this option." msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" "Для кожного з доменів можна налаштувати окремий рядок формату. Докладніше " @@ -642,10 +647,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 -#, fuzzy -#| msgid "krb5_use_kdcinfo (boolean)" msgid "monitor_resolv_conf (boolean)" -msgstr "krb5_use_kdcinfo (булеве значення)" +msgstr "monitor_resolv_conf (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 @@ -653,6 +656,8 @@ msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" +"Керує тим, чи SSSD має спостерігати за станом resolv.conf для визначення " +"моменту, коли слід оновити дані вбудованого інструмента визначення DNS." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:335 @@ -661,20 +666,13 @@ msgstr "try_inotify (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:338 -#, fuzzy -#| msgid "" -#| "SSSD monitors the state of resolv.conf to identify when it needs to " -#| "update its internal DNS resolver. By default, we will attempt to use " -#| "inotify for this, and will fall back to polling resolv.conf every five " -#| "seconds if inotify cannot be used." msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " "be used." msgstr "" -"SSSD спостерігає за станом resolv.conf для визначення моменту, коли слід " -"оновити дані вбудованого інструменту визначення DNS. Типово, з цією метою " -"використовується inotify. У разі неможливості використання inotify, " +"Типово, з метою спостереження за змінами у файлах налаштувань SSSD " +"намагається використати inotify. Якщо використати inotify не вдається, " "виконуватиметься опитування resolv.conf кожні п’ять секунд." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> @@ -794,13 +792,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:420 -#, fuzzy -#| msgid "" -#| "Please note that if this option is set all users from the primary domain " -#| "have to use their fully qualified name, e.g. user@domain.name, to log in. " -#| "Setting this option changes default of use_fully_qualified_names to True. " -#| "It is not allowed to use this option together with " -#| "use_fully_qualified_names set to False." msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -811,16 +802,20 @@ msgid "" "nss_files and therefore their output is not qualified even when the " "default_domain_suffix option is used." msgstr "" -"Будь ласка, зауважте, що якщо встановлено цей параметр, для усіх " -"користувачів із основного домену доведеться використовувати ім’я повністю, " -"тобто користувач@назва.домену, для входу до системи. Встановлення цього " -"параметра змінює типове значення use_fully_qualified_names на True. Цей " -"параметр не можна використовувати у поєднанні із значенням " -"use_fully_qualified_names рівним False." +"Будь ласка, зауважте, що якщо встановлено цей параметр, для входу до системи " +"усім користувачам із основного домену доведеться використовувати повне ім'я " +"користувача — користувач@назва.домену. Встановлення цього параметра змінює " +"типове значення параметра use_fully_qualified_names на True. Цей параметр не " +"можна використовувати у поєднанні із встановленням для параметра " +"use_fully_qualified_names значення False. Єдиним виключенням з цього правила " +"є домени із <quote>id_provider=files</quote>, для яких завжди виконується " +"спроба встановлення поведінки, як відповідає nss_files, а отже, виведені " +"імена для них не будуть повними, навіть якщо використано параметр " +"default_domain_suffix." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -890,15 +885,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:483 -#, fuzzy -#| msgid "no_ocsp" msgid "soft_ocsp" -msgstr "no_ocsp" +msgstr "soft_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:485 sssd.conf.5.xml:585 msgid "(NSS Version) This option is ignored." -msgstr "" +msgstr "(Версія для NSS) Цей параметр буде проігноровано." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:488 @@ -908,11 +901,15 @@ msgid "" "authentication when the system is offline and the OCSP responder cannot be " "reached." msgstr "" +"(Версія для OpenSSL) Якщо не вдасться встановити з'єднання із відповідачем " +"OCSP, перевірку OCSP буде пропущено. Цим параметром слід користуватися для " +"того, щоб дозволити розпізнавання тоді, коли система працює автономно, отже " +"відповідач OCSP є недоступним." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:498 msgid "ocsp_dgst" -msgstr "" +msgstr "ocsp_dgst" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:500 @@ -920,39 +917,41 @@ msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" +"Функція обчислення контрольної суми (хешу), яку буде використано для " +"створення ідентифікатора сертифіката для запиту OCSP. Можливі значення:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:504 msgid "sha1" -msgstr "" +msgstr "sha1" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:505 msgid "sha256" -msgstr "" +msgstr "sha256" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:506 msgid "sha384" -msgstr "" +msgstr "sha384" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd.conf.5.xml:507 msgid "sha512" -msgstr "" +msgstr "sha512" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 5" msgid "Default: sha256" -msgstr "Типове значення: 5" +msgstr "Типове значення: sha256" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 msgid "" "(NSS Version) This option is ignored, because NSS uses sha1 unconditionally." msgstr "" +"(Версія для NSS) Цей параметр буде проігноровано, оскільки у NSS завжди " +"використовується sha1." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:518 @@ -1059,7 +1058,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:583 msgid "soft_crl" -msgstr "" +msgstr "soft_crl" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:588 @@ -1069,6 +1068,10 @@ msgid "" "allow authentication when the system is offline and the CRL cannot be " "renewed." msgstr "" +"(Версія для OpenSSL) Якщо строк дії списку відкликання сертифікатів (CRL) " +"вичерпано, перевірки CRL для відповідних сертифікатів буде проігноровано. " +"Цим параметром слід користуватися для уможливлення розпізнавання у системах, " +"які працюють у автономному режимі, коли оновлення CRL є неможливим." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:468 @@ -1082,12 +1085,12 @@ msgstr "" "параметри: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "Цю сторінку підручника було створено для версії NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "Цю сторінку підручника було створено для версії OpenSSL." @@ -1201,8 +1204,8 @@ msgstr "" "різних доменах можуть бути однаковими." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "Типове значення: не встановлено" @@ -1299,7 +1302,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "Типове значення: 60" @@ -1376,8 +1379,8 @@ msgstr "" "і якщо служби активуються за допомогою або сокетів або D-Bus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "Типове значення: 300" @@ -1473,7 +1476,7 @@ msgstr "" "можливість." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "Типове значення: 50" @@ -1494,7 +1497,7 @@ msgstr "" "даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "Типове значення: 15" @@ -2121,7 +2124,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" "Показати попередження за вказану кількість днів перед завершенням дії пароля." @@ -2138,7 +2141,7 @@ msgstr "" "попередження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2157,7 +2160,7 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> для окремого домену." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "Типове значення: 0" @@ -2235,8 +2238,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "Типове значення: none" @@ -2315,8 +2318,8 @@ msgstr "" "розпізнавання, типово таку сертифікацію вимкнено." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Типове значення: False" @@ -2328,25 +2331,29 @@ msgstr "pam_cert_db_path (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" -"Шлях до бази даних сертифікатів, яка містить модулі PKCS#11 для доступу до " -"смарткартки." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "Типове значення:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" -msgstr "/etc/pki/nssdb (версія NSS, шлях до бази даних NSS)" +#: sssd.conf.5.xml:1454 +#, fuzzy +#| msgid "" +#| "The path to the certificate database which contain the PKCS#11 modules to " +#| "access the Smartcard." +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" +msgstr "" +"Шлях до бази даних сертифікатів, яка містить модулі PKCS#11 для доступу до " +"смарткартки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" @@ -2355,24 +2362,24 @@ msgstr "" "довіреними сертифікатами служб сертифікації у форматі PEM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" "Час у секундах, протягом якого pam_sss очікуватиме на завершення роботи " "p11_child." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "pam_app_services (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2381,12 +2388,12 @@ msgstr "" "типу <quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "pam_p11_allowed_services (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." @@ -2395,7 +2402,7 @@ msgstr "" "використання смарткарток." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2405,7 +2412,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2424,64 +2431,64 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" "Типове значення: типовий набір назв служб PAM складається з таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "gnome-screensaver" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "p11_wait_for_card_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2492,12 +2499,12 @@ msgstr "" "має чекати на вставлення смарткартки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "p11_uri (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2516,17 +2523,20 @@ msgstr "" "слід використовувати вказаний зчитувач." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 -#, no-wrap +#: sssd.conf.5.xml:1604 +#, fuzzy, no-wrap +#| msgid "" +#| "p11_uri = slot-description=My%20Smartcar%20Reader\n" +#| " " msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" "p11_uri = slot-description=My%20Smartcar%20Reader\n" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2536,7 +2546,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2549,13 +2559,69 @@ msgstr "" "скористатися програмою GnuTLS p11tool, наприклад, із параметром --list-all, " "який покаже і адреси PKCS#11." +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: none" +msgid "Default: no_session" +msgstr "Типове значення: none" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "Параметри налаштування SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2573,12 +2639,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "sudo_timed (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2587,12 +2653,12 @@ msgstr "" "призначені для визначення часових обмежень для записів sudoers." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "sudo_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2608,22 +2674,22 @@ msgstr "" "sudo IPA та групових пошуків команд." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "Параметри налаштування AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "Цими параметрами можна скористатися для налаштування служби autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2634,22 +2700,22 @@ msgstr "" "базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "Параметри налаштувань SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "Цими параметрами можна скористатися для налаштування служби SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2657,12 +2723,12 @@ msgstr "" "Чи слід хешувати назви та адреси вузлів у керованому файлі known_hosts." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2671,17 +2737,17 @@ msgstr "" "файлі known_hosts після надсилання запиту щодо ключів вузла." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "Типове значення: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "ssh_use_certificate_keys (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2695,14 +2761,12 @@ msgstr "" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 -#, fuzzy -#| msgid "ldap_user_certificate (string)" +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" -msgstr "ldap_user_certificate (рядок)" +msgstr "ssh_use_certificate_matching_rules (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2710,28 +2774,60 @@ msgid "" "comma separated list of mapping and matching rule names. All other rules " "will be ignored." msgstr "" +"Типово, відповідач SSH буде використовувати усі доступні правила " +"встановлення відповідності сертифікатів для фільтрування сертифікатів, тому " +"ключі SSH будуть створюватися лише на основі відповідних правилам " +"сертифікатів. За допомогою цього параметра можна обмежити перелік " +"використаних правил на основі списку назв правил прив'язки і відповідності, " +"відокремлених комами. Усі інші правила буде проігноровано." + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1804 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 +#: sssd.conf.5.xml:1811 #, fuzzy -#| msgid "Default: not set (spaces will not be replaced)" -msgid "Default: not set, all found rules are used" -msgstr "Типове значення: не встановлено (пробіли не замінятимуться)" +#| msgid "" +#| "If a non-existing rule name is given all rules will be ignored and all " +#| "available certificates will be used to derive ssh keys." +msgid "" +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." +msgstr "" +"Якщо буде вказано назву правила, якого не існує, буде проігноровано усі " +"правила, а для створення ключів SSH буде використано усі доступні " +"сертифікати." + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1816 +#, fuzzy +#| msgid "Default: not set, all found rules are used" +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" +msgstr "Типове значення: не встановлено, буде використано усі знайдені правила" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "ca_db (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -2739,13 +2835,18 @@ msgstr "" "Шлях до сховища довірених сертифікатів CA. Параметр використовується для " "перевірки сертифікатів користувачів до отримання з них відкритих ключів ssh." +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "/etc/pki/nssdb (версія NSS, шлях до бази даних NSS)" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "Параметри налаштування відповідача PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2763,7 +2864,7 @@ msgstr "" "декодовано і визначено, виконуються деякі з таких дій:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2781,7 +2882,7 @@ msgstr "" "параметра default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2790,18 +2891,18 @@ msgstr "" "додано до цих груп." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" "Цими параметрами можна скористатися для налаштовування відповідача PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2812,14 +2913,14 @@ msgstr "" "іменами користувачів визначатимуться під час запуску." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Типове значення: 0 (доступ до відповідача PAC має лише адміністративний " "користувач (root))" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2833,12 +2934,12 @@ msgstr "" "запис 0." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -2847,12 +2948,12 @@ msgstr "" "використовувати для визначення членства користувача у групі." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "Параметри налаштовування запису сеансів" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2867,32 +2968,32 @@ msgstr "" "session-recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "Цими параметрами можна скористатися для налаштовування запису сеансів." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "scope (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "\"none\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "Користувачі не записуються." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "\"some\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." @@ -2901,17 +3002,17 @@ msgstr "" "<replaceable>користувачі</replaceable> і <replaceable>групи</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "\"all\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Усі користувачі записуються." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -2920,17 +3021,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "Типове значення: none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "users (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2942,17 +3043,17 @@ msgstr "" "тощо." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "Типове значення: порожнє. Не відповідає жодному користувачу." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "groups (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2964,7 +3065,7 @@ msgstr "" "символів тощо." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2976,22 +3077,22 @@ msgstr "" "належить користувач." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "Типове значення: порожнє. Не відповідає жодній групі." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "РОЗДІЛИ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "domain_type (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3004,7 +3105,7 @@ msgstr "" "з доменів POSIX." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -3013,7 +3114,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3025,7 +3126,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) і відповідача PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -3034,7 +3135,7 @@ msgstr "" "application з <quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -3043,17 +3144,17 @@ msgstr "" "ласка, ознайомтеся із розділом <quote>Домени програм</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "Типове значення: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -3062,7 +3163,7 @@ msgstr "" "відповідає цим обмеженням, його буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3075,7 +3176,7 @@ msgstr "" "основної групи і належать діапазону, буде виведено у звичайному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -3084,17 +3185,17 @@ msgstr "" "лише повернення записів за назвою або ідентифікатором." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "enumerate (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3107,22 +3208,22 @@ msgstr "" "мати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = користувачі і групи нумеруються" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = не використовувати нумерацію для цього домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "Типове значення: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." @@ -3131,7 +3232,7 @@ msgstr "" "користувачів і груп із віддаленого сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3154,7 +3255,7 @@ msgstr "" "<quote>sssd_be</quote> або навіть перезапуску усього засобу стеження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3164,7 +3265,7 @@ msgstr "" "завершено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3178,7 +3279,7 @@ msgstr "" "відповідного використаного засобу обробки ідентифікаторів (id_provider)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -3187,32 +3288,32 @@ msgstr "" "об’ємних середовищах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "Усі виявлені надійні домени буде пронумеровано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "Нумерація виявлених надійних доменів не виконуватиметься" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3225,12 +3326,12 @@ msgstr "" "доменів, для яких буде увімкнено нумерацію." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -3239,7 +3340,7 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3256,17 +3357,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "Типове значення: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -3275,19 +3376,19 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "Типове значення: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -3296,12 +3397,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -3310,12 +3411,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -3324,12 +3425,32 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_resolver_timeout (integer)" +msgstr "entry_cache_user_timeout (ціле число)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider user entries valid before asking " +#| "the backend again" +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" +"Кількість секунд, протягом яких nss_sss вважатиме записи користувачів " +"чинними, перш ніж надсилати повторний запит до сервера" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -3338,12 +3459,12 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -3352,12 +3473,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -3367,12 +3488,32 @@ msgstr "" "вузла у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +#, fuzzy +#| msgid "entry_cache_user_timeout (integer)" +msgid "entry_cache_computer_timeout (integer)" +msgstr "entry_cache_user_timeout (ціле число)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +#, fuzzy +#| msgid "" +#| "How many seconds should nss_sss consider entries valid before asking the " +#| "backend again" +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" +"Кількість секунд, протягом яких nss_sss вважатиме записи чинними, перш ніж " +"надсилати повторний запит до сервера" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -3382,60 +3523,73 @@ msgstr "" "вичерпано або майже вичерпано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " "user, typically ran at login) operation in the past, both the user entry " "and the group membership are updated." msgstr "" +"Під час фонового оновлення виконуватиметься обробка записів користувачів, " +"груп та мережевих груп у кеші. для записів користувачів, для яких " +"виконувалися дії з ініціювання груп (отримання даних щодо участі користувача " +"у групах, які типово виконуються під час входу до системи), буде оновлено і " +"запис користувача, і дані щодо участі у групах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 -#, fuzzy -#| msgid "" -#| "This option specifies the maximum allowed number of nested containers." +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." -msgstr "" -"Цей параметр визначає максимальну дозволену кількість вкладених контейнерів." +msgstr "Цей параметр автоматично успадковується для усіх довірених доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Варто визначити для цього параметра значення 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Типове значення: 0 (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "cache_credentials (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Визначає, чи слід також кешувати реєстраційні дані користувача у локальному " "кеші LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Реєстраційні дані користувача зберігаються у форматі хешу SHA512, а не у " "форматі звичайного тексту" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3447,7 +3601,7 @@ msgstr "" "контрольної суми SHA512 у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -3457,17 +3611,17 @@ msgstr "" "мішенню атак із перебиранням паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "Типове значення: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3480,17 +3634,17 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3503,17 +3657,17 @@ msgstr "" "даних розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Типове значення: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "id_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3521,12 +3675,12 @@ msgstr "" "Серед підтримуваних засобів такі:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "«proxy»: підтримка застарілого модуля надання даних NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" @@ -3534,7 +3688,7 @@ msgstr "" "(ЗАСТАРІЛИЙ)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3546,7 +3700,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3557,8 +3711,8 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3571,8 +3725,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3584,12 +3738,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3599,7 +3753,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3612,7 +3766,7 @@ msgstr "" "не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3623,22 +3777,26 @@ msgstr "" "груп, якщо задано неповну назву, буде виконано пошук у всіх доменах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +#, fuzzy +#| msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "Типове значення: FALSE (TRUE, якщо використано default_domain_suffix)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "Не повертати записи учасників груп для пошуків груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3657,7 +3815,7 @@ msgstr "" "$groupname</quote> поверне запитану групу так, наче вона була порожня." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3668,12 +3826,12 @@ msgstr "" "учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "auth_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3682,7 +3840,7 @@ msgstr "" "служб розпізнавання:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3694,7 +3852,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3706,23 +3864,23 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: вбудований засіб SSSD для локальних користувачів" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> — вимкнути розпізнавання повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3731,12 +3889,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "access_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3747,7 +3905,7 @@ msgstr "" "Вбудованими програмами є:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3756,12 +3914,12 @@ msgstr "" "доступу для локального домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> — завжди забороняти доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3774,7 +3932,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3786,24 +3944,24 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> — для трансляції керування доступом до іншого модуля " "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "Типове значення: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "chpass_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3812,7 +3970,7 @@ msgstr "" "підтримку таких систем зміни паролів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3824,7 +3982,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3836,18 +3994,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3856,19 +4014,19 @@ msgstr "" "цього параметра і якщо система здатна обробляти запити щодо паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "sudo_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Служба SUDO, яку використано для цього домену. Серед підтримуваних служб " "SUDO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3880,7 +4038,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3889,7 +4047,7 @@ msgstr "" "параметрами IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3898,20 +4056,20 @@ msgstr "" "параметрами AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> явним чином вимикає SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Типове значення: використовується значення <quote>id_provider</quote>, якщо " "його встановлено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3930,7 +4088,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3944,12 +4102,12 @@ msgstr "" "sudo у SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "selinux_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3960,7 +4118,7 @@ msgstr "" "доступу. Передбачено підтримку таких засобів надання даних SELinux:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3972,14 +4130,14 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> явним чином забороняє отримання даних щодо параметрів " "SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3988,12 +4146,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо завантаження SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "subdomains_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -4003,7 +4161,7 @@ msgstr "" "підтримку таких засобів надання даних піддоменів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4015,7 +4173,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -4028,17 +4186,17 @@ msgstr "" "налаштовування засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "session_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4050,14 +4208,14 @@ msgstr "" "постачальники даних сеансів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" "<quote>ipa</quote>, щоб дозволити пов'язані із сеансами користувачів " "завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" @@ -4065,7 +4223,7 @@ msgstr "" "користувачів завдань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." @@ -4074,7 +4232,7 @@ msgstr "" "його встановлено і дозволено виконувати пов'язані із сеансами завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." @@ -4084,12 +4242,12 @@ msgstr "" "непривілейованого користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "autofs_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -4097,7 +4255,7 @@ msgstr "" "autofs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4109,7 +4267,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4121,7 +4279,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4133,17 +4291,17 @@ msgstr "" "надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> вимикає autofs повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "hostid_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -4152,7 +4310,7 @@ msgstr "" "вузла. Серед підтримуваних засобів надання hostid:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4164,12 +4322,81 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> вимикає hostid повністю." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +#, fuzzy +#| msgid "sudo_provider (string)" +msgid "resolver_provider (string)" +msgstr "sudo_provider (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +#, fuzzy +#| msgid "" +#| "The provider which should handle change password operations for the " +#| "domain. Supported change password providers are:" +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" +"Система, яка має обробляти дії зі зміни паролів для домену. Передбачено " +"підтримку таких систем зміни паролів:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +#, fuzzy +#| msgid "" +#| "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring LDAP." +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" +"<quote>ldap</quote> — завантажити карти, що зберігаються у LDAP. Докладніше " +"про налаштовування LDAP можна дізнатися з довідки до <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2960 +#, fuzzy +#| msgid "" +#| "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " +#| "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> for more information on configuring the AD provider." +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" +"<quote>ad</quote> — завантажити карти, що зберігаються на сервері AD. Див. " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>, щоб дізнатися більше про налаштовування засобу " +"надання даних AD." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +#, fuzzy +#| msgid "<quote>none</quote> disallows fetching subdomains explicitly." +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4183,7 +4410,7 @@ msgstr "" "IPA та доменів Active Directory, простій назві (NetBIOS) домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -4196,22 +4423,22 @@ msgstr "" "різні стилі запису імен користувачів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "користувач@назва.домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "домен\\користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -4220,7 +4447,7 @@ msgstr "" "того, щоб полегшити інтеграцію користувачів з доменів Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -4231,7 +4458,7 @@ msgstr "" "домену — все після цього символу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -4247,17 +4474,17 @@ msgstr "" "[^@]+$))</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Типове значення: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "lookup_family_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -4266,48 +4493,48 @@ msgstr "" "під час виконання пошуків у DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "Передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі " "спробувати формат IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі " "спробувати формат IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "Типове значення: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4320,7 +4547,7 @@ msgstr "" "роботу у автономному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." @@ -4329,18 +4556,18 @@ msgstr "" "більше про розв'язування питань, пов'язаних із службами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Типове значення: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -4349,54 +4576,54 @@ msgstr "" "частину запиту визначення служб DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Типова поведінка: використовувати назву домену з назви вузла комп’ютера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "override_gid (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "Замірити значення основного GID на вказане." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "case_sensitive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" "Враховується регістр. Це значення є некоректним для засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "Без врахування регістру." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4408,7 +4635,7 @@ msgstr "" "буде переведено у нижній регістр." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -4421,17 +4648,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "Типове значення: True (False для засобу надання даних AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4443,27 +4670,27 @@ msgstr "" "параметрів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -4472,7 +4699,7 @@ msgstr "" "ldap_krb5_keytab не встановлено явним чином)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4482,33 +4709,33 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" "Зауваження: цей параметр працює лише для засобів надання даних IPA і AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "спрощена (NetBIOS) назва піддомену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4523,7 +4750,7 @@ msgstr "" "emphasis>. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -4531,17 +4758,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Типове значення: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "realmd_tags (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -4549,12 +4776,12 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4568,7 +4795,7 @@ msgstr "" "розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." @@ -4578,12 +4805,12 @@ msgstr "" "значення для різних довірених доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "Спеціальне значення 0 означає, що цю можливість вимкнено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4594,17 +4821,17 @@ msgstr "" "обробки <quote>initgroups</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "auto_private_groups (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "true" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." @@ -4613,7 +4840,7 @@ msgstr "" "користувача. У цьому випадку номер GID буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4626,12 +4853,12 @@ msgstr "" "примусово встановлює унікальність записів у просторі ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "false" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." @@ -4640,19 +4867,12 @@ msgstr "" "вказувати на об'єкт групи у базі даних LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "hybrid" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 -#, fuzzy -#| msgid "" -#| "A primary group is autogenerated for user entries whose UID and GID " -#| "numbers have the same value and at the same time the GID number does not " -#| "correspond to a real group object in LDAP If the values are the same, but " -#| "the primary GID in the user entry is also used by a group object, the " -#| "primary GID of the user resolves to that group object." +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4667,7 +4887,7 @@ msgstr "" "цього користувача визначатиме цей об'єкт групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." @@ -4676,7 +4896,7 @@ msgstr "" "групи, інакше надійне визначення GID буде просто неможливим." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4687,7 +4907,7 @@ msgstr "" "збереженням наявних приватних груп для користувачів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" @@ -4696,7 +4916,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." @@ -4706,7 +4926,7 @@ msgstr "" "використовується автоматична прив'язка до ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4716,7 +4936,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4728,7 +4948,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4742,7 +4962,7 @@ msgstr "" "\"programlisting\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4753,17 +4973,17 @@ msgstr "" "quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "Комп’ютер, для якого виконує проксі-сервер PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4772,12 +4992,12 @@ msgstr "" "налаштуваннями pam або створити нові і тут додати назву служби." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4788,12 +5008,35 @@ msgstr "" "наприклад _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +#, fuzzy +#| msgid "proxy_lib_name (string)" +msgid "proxy_resolver_lib_name (string)" +msgstr "proxy_lib_name (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +#, fuzzy +#| msgid "" +#| "The name of the NSS library to use in proxy domains. The NSS functions " +#| "searched for in the library are in the form of _nss_$(libName)_" +#| "$(function), for example _nss_files_getpwent." +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" +"Назва бібліотеки NSS для використання у доменах з проксі-серверами. Функції " +"NSS шукаються у бібліотеці у форматі _nss_$(назва_бібліотеки)_$(функція), " +"наприклад _nss_files_getpwent." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4808,12 +5051,12 @@ msgstr "" "у кеші, щоб пришвидшити надання результатів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4825,7 +5068,7 @@ msgstr "" "використання черги запитів." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4834,12 +5077,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "Домени програм (application)" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4867,7 +5110,7 @@ msgstr "" "який може успадковувати параметр з традиційного домену SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4878,17 +5121,17 @@ msgstr "" "його доменом-близнюком у POSIX має бути встановлено належним чином." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "Параметри доменів програм" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "inherit_from (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4900,7 +5143,7 @@ msgstr "" "розширюють або перевизначають параметри домену-<quote>близнюка</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4915,7 +5158,7 @@ msgstr "" "у кеші і робить атрибут phone доступним через інтерфейс D-Bus." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -4949,12 +5192,12 @@ msgstr "" "ldap_user_extra_attrs = phone:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "Розділ локального домену" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4965,29 +5208,29 @@ msgstr "" "використовує <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "default_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "Типова оболонка для записів користувачів, створених за допомогою " "інструментів простору користувачів SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "Типове значення: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "base_directory (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4996,17 +5239,17 @@ msgstr "" "replaceable> і використовують отриману адресу як адресу домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "Типове значення: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "create_homedir (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -5015,17 +5258,17 @@ msgstr "" "Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "Типове значення: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "remove_homedir (булівське значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -5034,12 +5277,12 @@ msgstr "" "користувачів. Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "homedir_umask (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -5050,17 +5293,17 @@ msgstr "" "до щойно створеного домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "Типове значення: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "skel_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -5073,17 +5316,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "Типове значення: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "mail_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -5094,17 +5337,17 @@ msgstr "" "каталог не вказано, буде використано типове значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "Типове значення: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "userdel_cmd (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -5115,17 +5358,17 @@ msgstr "" "вилучається. Код виконання, повернутий програмою не обробляється." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "Типове значення: None, не виконувати жодних команд" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "РОЗДІЛ ДОВІРЕНИХ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5143,57 +5386,57 @@ msgstr "" "такі параметри:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "ldap_sasl_mech," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -5202,12 +5445,12 @@ msgstr "" "підручника." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "РОЗДІЛ ПРИВ'ЯЗКИ СЕРТИФІКАТІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5230,7 +5473,7 @@ msgstr "" "використовують для розпізнавання PAM." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5242,7 +5485,7 @@ msgstr "" "citerefentry>)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5255,12 +5498,12 @@ msgstr "" "replaceable>]</quote>. У цьому розділі можна використовувати такі параметри:" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "matchrule (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." @@ -5269,7 +5512,7 @@ msgstr "" "цьому правилу. Усі інші сертифікати буде проігноровано." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" @@ -5279,17 +5522,17 @@ msgstr "" "<quote>clientAuth</quote>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "maprule (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "Визначає спосіб пошуку користувача для вказаного сертифіката." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." @@ -5298,7 +5541,7 @@ msgstr "" "даних, зокрема <quote>ldap</quote>, <quote>AD</quote> та <quote>ipa</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." @@ -5307,12 +5550,12 @@ msgstr "" "запис користувача і такою самою назвою." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "domains (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5325,17 +5568,17 @@ msgstr "" "параметр можна використати і для додавання правила до піддоменів." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "Типове значення: домен, який налаштовано у sssd.conf" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "priority (ціле число)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5346,12 +5589,12 @@ msgstr "" "пріоритетність, а <quote>4294967295</quote> — найнижча." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "Типове значення: найнижча пріоритетність" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" @@ -5361,7 +5604,7 @@ msgstr "" "спеціальних властивостей:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" @@ -5370,7 +5613,7 @@ msgstr "" "відповідного облікового запису користувача" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5383,17 +5626,17 @@ msgstr "" "quote> або <quote>({назва_об'єкта_rfc822.коротка_назва})</quote>" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "параметр <quote>domains</quote> буде проігноровано" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "РОЗДІЛ НАЛАШТОВУВАННЯ ЗАПИТІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5409,13 +5652,7 @@ msgstr "" "реєстраційних даних." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 -#, fuzzy -#| msgid "" -#| "With the growing number of authentication methods and the possibility " -#| "that there are multiple ones for a single user the heuristic used by " -#| "pam_sss to select the prompting might not be suitable for all use cases. " -#| "To following options should provide a better flexibility here." +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5429,22 +5666,22 @@ msgstr "" "випадках мають забезпечити описані нижче параметри." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "[prompting/password]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "password_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "для зміни рядка запиту пароля" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" @@ -5453,42 +5690,37 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "[prompting/2fa]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "first_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "для зміни рядка запиту для першого фактора" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "second_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "для зміни рядка запиту для другого фактора" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "single_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 -#, fuzzy -#| msgid "" -#| "boolean value, if True there will be only a single prompt using the value " -#| "of first_prompt where it is expected that both factor are entered as a " -#| "single string" +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5499,7 +5731,7 @@ msgstr "" "рядок." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -5508,13 +5740,7 @@ msgstr "" "параметри: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 -#, fuzzy -#| msgid "" -#| "Each supported authentication method has it's own configuration sub-" -#| "section under <quote>[prompting/...]</quote>. Currently there are: " -#| "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#| "\"variablelist\" id=\"1\"/>" +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -5526,12 +5752,7 @@ msgstr "" "\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 -#, fuzzy -#| msgid "" -#| "It is possible to add a sub-section for specific PAM services like e.g. " -#| "<quote>[prompting/password/sshd]</quote> to individual change the " -#| "prompting for this service." +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5542,12 +5763,12 @@ msgstr "" "для цієї служби." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "ПРИКЛАДИ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -5601,7 +5822,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5614,7 +5835,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5624,7 +5845,7 @@ msgstr "" "use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5641,7 +5862,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5663,7 +5884,7 @@ msgstr "" "matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$<SUBJECT>^CN=User.Name,DC=MY,DC=DOMAIN$\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -5856,7 +6077,7 @@ msgstr "" "специфікації http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "Приклади:" @@ -6060,27 +6281,40 @@ msgstr "obfuscated_password" msgid "Default: password" msgstr "Типове значення: password" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +#, fuzzy +#| msgid "" +#| "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" +#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for " +#| "more information on the locator plugin." +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" +"Див. сторінку підручника (man) <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" -"Лексема розпізнавання типової назви сервера прив’язки. У поточній версії " -"передбачено підтримку лише паролів у форматі звичайного тексту." +#: sssd-ldap.5.xml:296 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The authentication token of the default bind DN." +msgstr "Тип розпізнавання для типової назви сервера прив’язки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -6094,12 +6328,12 @@ msgstr "" "області у верхньому регістрі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -6108,12 +6342,12 @@ msgstr "" "свого кешу нумерованих записів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -6124,7 +6358,7 @@ msgstr "" "цих записів з метою економії місця." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -6138,12 +6372,12 @@ msgstr "" "кожні 3 години." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6155,7 +6389,7 @@ msgstr "" "параметра буде проігноровано, якщо використано схему RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6171,7 +6405,7 @@ msgstr "" "початкового пошуку, якщо запити щодо пошуку надходять повторно." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6187,12 +6421,12 @@ msgstr "" "обмеження вкладеності у групах." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "Типове значення: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -6202,23 +6436,23 @@ msgstr "" "Directory Server 2008 та новіших версій." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "Типове значення: True для AD і IPA, інакше False." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "ldap_host_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку об’єктів вузлів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -6228,22 +6462,36 @@ msgstr "" "налаштування декількох основ пошуку." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:428 +#, fuzzy +#| msgid "ldap_host_search_base (string)" +msgid "ldap_iphost_search_base (string)" +msgstr "ldap_host_search_base (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +#, fuzzy +#| msgid "ldap_netgroup_search_base (string)" +msgid "ldap_ipnetwork_search_base (string)" +msgstr "ldap_netgroup_search_base (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 +#: sssd-ldap.5.xml:441 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6254,7 +6502,7 @@ msgstr "" "автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6265,12 +6513,12 @@ msgstr "" "окремих типів пошуків." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6281,12 +6529,12 @@ msgstr "" "кешованих даних (і переходом до автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6303,12 +6551,12 @@ msgstr "" "citerefentry> повертається до стану бездіяльності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6322,12 +6570,12 @@ msgstr "" "розширеної операції зі зміни пароля та дії StartTLS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6341,17 +6589,38 @@ msgstr "" "дії TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "Типове значення: 900 (15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +#, fuzzy +#| msgid "ldap_connection_expire_timeout (integer)" +msgid "ldap_connection_expire_offset (integer)" +msgstr "ldap_connection_expire_timeout (ціле значення)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6361,17 +6630,17 @@ msgstr "" "один запит." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "Типове значення: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6382,7 +6651,7 @@ msgstr "" "RootDSE, але цю підтримку не увімкнено або вона не працює належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6392,7 +6661,7 @@ msgstr "" "підтримкою не можна скористатися." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6403,17 +6672,17 @@ msgstr "" "це може призвести до відмови у виконанні запитів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "Вимкнути отримання діапазону Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6429,12 +6698,12 @@ msgstr "" "буде представлено як такі, у яких немає учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6445,19 +6714,42 @@ msgstr "" "параметра визначається OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Типове значення: типове для системи значення (зазвичай, визначається у ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +#, fuzzy +#| msgid "ldap_sasl_minssf (integer)" +msgid "ldap_sasl_maxssf (integer)" +msgstr "ldap_sasl_minssf (ціле значення)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +#, fuzzy +#| msgid "" +#| "When communicating with an LDAP server using SASL, specify the minimum " +#| "security level necessary to establish the connection. The values of this " +#| "option are defined by OpenLDAP." +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" +"Під час обміну даними з сервером LDAP за допомогою SASL визначає мінімальний " +"рівень захисту, потрібний для встановлення з’єднання. Значення цього " +"параметра визначається OpenLDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6469,7 +6761,7 @@ msgstr "" "виконуватиметься окремо." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6487,7 +6779,7 @@ msgstr "" "rootDSE." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6500,7 +6792,7 @@ msgstr "" "OpenLDAP та Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6511,12 +6803,12 @@ msgstr "" "незалежно від використання цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6526,7 +6818,7 @@ msgstr "" "таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6535,7 +6827,7 @@ msgstr "" "жодних сертифікатів сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6547,7 +6839,7 @@ msgstr "" "режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6558,7 +6850,7 @@ msgstr "" "надано помилковий сертифікат, негайно перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6569,22 +6861,22 @@ msgstr "" "перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = те саме, що і <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "Типове значення: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6593,7 +6885,7 @@ msgstr "" "розпізнаються <command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6602,12 +6894,12 @@ msgstr "" "у <filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6620,32 +6912,32 @@ msgstr "" "<command>cacertdir_rehash</command>, якщо ця програма є доступною." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Визначає файл, який містить сертифікат для ключа клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "Визначає файл, у якому міститься ключ клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6657,12 +6949,12 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6671,12 +6963,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> для захисту каналу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6688,19 +6980,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "У поточній версії у цій можливості передбачено підтримку лише встановлення " "відповідності objectSID у ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "ldap_min_id, ldap_max_id (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6720,18 +7012,18 @@ msgstr "" "ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" "Типове значення: не встановлено (обидва параметри встановлено у значення 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." @@ -6740,7 +7032,7 @@ msgstr "" "перевірено і передбачено підтримку лише механізмів GSSAPI та GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6758,12 +7050,12 @@ msgstr "" "manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -6783,7 +7075,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6804,17 +7096,17 @@ msgstr "" "таблиці ключів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "Типове значення: вузол/назва_вузла@ОБЛАСТЬ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6826,17 +7118,17 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "Типове значення: значення krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6846,36 +7138,36 @@ msgstr "" "SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "Типове значення: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" "Визначає таблицю ключів, яку слід використовувати разом з SASL/GSSAPI/GSS-" "SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Типове значення: системна таблиця ключів, зазвичай <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6886,12 +7178,12 @@ msgstr "" "механізм GSSAPI або GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" @@ -6899,17 +7191,17 @@ msgstr "" "SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "Типове значення: 86400 (24 години)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6928,7 +7220,7 @@ msgstr "" "про виявлення служб можна дізнатися з розділу «ПОШУК СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6940,7 +7232,7 @@ msgstr "" "вдасться знайти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6951,30 +7243,30 @@ msgstr "" "варто перейти на використання «krb5_server» у файлах налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" "Вказати область Kerberos (для розпізнавання за SASL/GSSAPI/GSS-SPNEGO)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6984,12 +7276,12 @@ msgstr "" "версії MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7004,7 +7296,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7015,12 +7307,12 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7029,7 +7321,7 @@ msgstr "" "використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7038,7 +7330,7 @@ msgstr "" "разі використання цього варіанта перевірку на боці сервера вимкнено не буде." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -7049,7 +7341,7 @@ msgstr "" "manvolnum></citerefentry> для визначення того, чи чинним є пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7060,7 +7352,7 @@ msgstr "" "скористайтеся chpass_provider=krb5 для оновлення цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -7070,18 +7362,18 @@ msgstr "" "встановленими за допомогою цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Визначає, чи має бути увімкнено автоматичне визначення напрямків пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7090,7 +7382,7 @@ msgstr "" "з версією OpenLDAP 2.4.13 або новішою версією." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7104,28 +7396,28 @@ msgstr "" "«false» може значно пришвидшити роботу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Визначає назву служби, яку буде використано у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "Типове значення: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7134,17 +7426,17 @@ msgstr "" "уможливлює зміну паролів, у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -7153,12 +7445,12 @@ msgstr "" "щодо кількості днів з часу виконання дії зі зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7187,12 +7479,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "Приклад:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7204,7 +7496,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7213,7 +7505,7 @@ msgstr "" "employeeType встановлено у значення «admin»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7227,17 +7519,17 @@ msgstr "" "таких прав не було надано, у автономному режимі їх також не буде надано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "Типове значення: порожній рядок" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7246,7 +7538,7 @@ msgstr "" "керування доступом на боці клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7257,12 +7549,12 @@ msgstr "" "з відповідним кодом помилки, навіть якщо вказано правильний пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "Можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7271,7 +7563,7 @@ msgstr "" "визначити, чи завершено строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7284,7 +7576,7 @@ msgstr "" "Також буде перевірено, чи не вичерпано строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7295,7 +7587,7 @@ msgstr "" "ldap_ns_account_lock." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7308,7 +7600,7 @@ msgstr "" "атрибутів, надати доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7319,24 +7611,24 @@ msgstr "" "користуватися параметром ldap_account_expire_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "ldap_access_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Список відокремлених комами параметрів керування доступом. Можливі значення " "списку:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7351,7 +7643,7 @@ msgstr "" "для працездатності цієї можливості слід встановити «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" @@ -7361,7 +7653,7 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7384,13 +7676,13 @@ msgstr "" "параметра слід встановити значення «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" "<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7405,7 +7697,7 @@ msgstr "" "наприклад на ключах SSH." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7420,7 +7712,7 @@ msgstr "" "негайно змінити пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" @@ -7428,7 +7720,7 @@ msgstr "" "від SSSD не надходитиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." @@ -7438,7 +7730,7 @@ msgstr "" "параметра «ldap_pwd_policy» відповідні правила поводження із паролями." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7447,14 +7739,14 @@ msgstr "" "можливості доступу атрибут authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити " "права доступу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" @@ -7463,7 +7755,7 @@ msgstr "" "того, чи матиме віддалений вузол доступ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" @@ -7473,12 +7765,12 @@ msgstr "" "керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "Типове значення: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7487,12 +7779,12 @@ msgstr "" "використано декілька разів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7506,22 +7798,22 @@ msgstr "" "можна буде перевірити належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Приклад: cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Типове значення: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "ldap_deref (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7530,13 +7822,13 @@ msgstr "" "пошуку. Можливі такі варіанти:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7546,7 +7838,7 @@ msgstr "" "пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7555,7 +7847,7 @@ msgstr "" "під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7564,7 +7856,7 @@ msgstr "" "час пошуку, так і під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7573,12 +7865,12 @@ msgstr "" "сценарієм <emphasis>never</emphasis>)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7587,7 +7879,7 @@ msgstr "" "серверів, у яких використовується схема RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7605,7 +7897,7 @@ msgstr "" "користувачів за допомогою виклику getpw*() або initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7617,12 +7909,12 @@ msgstr "" "групами LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "wildcard_limit (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." @@ -7631,26 +7923,19 @@ msgstr "" "пошуку з використанням символів-замінників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" "У поточній версії пошук із використанням символів-замінників передбачено " "лише для відповідача InfoPipe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "Типове значення: 1000 (часто розмір однієї сторінки)" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 -#, fuzzy -#| msgid "" -#| "All of the common configuration options that apply to SSSD domains also " -#| "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " -#| "<placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "All of the common configuration options that apply to SSSD domains also " "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " @@ -7663,16 +7948,19 @@ msgstr "" "Всі загальні параметри налаштування, які стосуються доменів SSSD, також " "стосуються і доменів LDAP. Зверніться до розділу «РОЗДІЛИ ДОМЕНІВ» сторінки " "підручника <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry>, щоб дізнатися більше. " -"<placeholder type=\"variablelist\" id=\"0\"/>" +"<manvolnum>5</manvolnum> </citerefentry>, щоб дізнатися більше. Зауважте, що " +"атрибути прив'язки до LDAP SSSD описано на сторінці підручника щодо " +"<citerefentry> <refentrytitle>sssd-ldap-attributes</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>. <placeholder type=\"variablelist\" " +"id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "ПАРАМЕТРИ SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7683,12 +7971,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7698,7 +7986,7 @@ msgstr "" "набір правил, що зберігаються на сервері." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7707,17 +7995,17 @@ msgstr "" "<emphasis>ldap_sudo_smart_refresh_interval </emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "Типове значення: 21600 (6 годин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7728,7 +8016,7 @@ msgstr "" "правил, USN яких перевищує найбільше значення сервера USN, яке відоме SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7737,7 +8025,7 @@ msgstr "" "дані атрибута modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7753,12 +8041,12 @@ msgstr "" "emphasis>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7768,12 +8056,12 @@ msgstr "" "назв вузлів)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7782,7 +8070,7 @@ msgstr "" "фільтрування списку правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7791,8 +8079,8 @@ msgstr "" "назву вузла та повну назву комп’ютера у домені у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7801,17 +8089,17 @@ msgstr "" "<emphasis>false</emphasis>, цей параметр ні на що не впливатиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "Типове значення: не вказано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7820,7 +8108,7 @@ msgstr "" "правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7829,12 +8117,12 @@ msgstr "" "адресу у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7843,12 +8131,12 @@ msgstr "" "мережеву групу (netgroup) у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7857,7 +8145,7 @@ msgstr "" "заміни у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" @@ -7866,7 +8154,7 @@ msgstr "" "для сервера LDAP!" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7879,12 +8167,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "ПАРАМЕТРИ AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." @@ -7893,47 +8181,47 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "Назва основної карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "Типове значення: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "ДОДАТКОВІ ПАРАМЕТРИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7946,22 +8234,22 @@ msgstr "" "груп показуються неправильно." #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7974,14 +8262,14 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "ПРИКЛАД" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7992,7 +8280,7 @@ msgstr "" "<replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8012,20 +8300,20 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "ПРИКЛАД ФІЛЬТРА ДОСТУПУ LDAP" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." @@ -8034,7 +8322,7 @@ msgstr "" "чином і використано ldap_access_order=lockout." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8060,13 +8348,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЗАУВАЖЕННЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8424,11 +8712,267 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +#, fuzzy +#| msgid "The type of the authentication token of the default bind DN." +msgid "The user's authentication token has expired." +msgstr "Тип розпізнавання для типової назви сервера прив’язки." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +#, fuzzy +#| msgid "Unlock the user account." +msgid "The user account has expired." +msgstr "Розблокувати обліковий запис користувача." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:414 +msgid "" +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:424 +#, fuzzy +#| msgid "Configuration attributes" +msgid "Conversation failure." +msgstr "Атрибути налаштувань" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:464 msgid "FILES" msgstr "ФАЙЛИ" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -8440,7 +8984,7 @@ msgstr "" "повідомленні, наприклад, можуть міститися настанови щодо скидання пароля." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -8460,7 +9004,7 @@ msgstr "" "іншим користувачам може бути надано лише право читання файлів." #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -9000,13 +9544,28 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "Приклад: <SUBJECT>.*,DC=MY,DC=DOMAIN" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +#, fuzzy +#| msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "Приклад: <SUBJECT>.*,DC=MY,DC=DOMAIN" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "<ISSUER>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." @@ -9016,17 +9575,17 @@ msgstr "" "SUBJECT>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "Приклад: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "<KU>використання-ключа" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" @@ -9036,52 +9595,52 @@ msgstr "" "можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "digitalSignature" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "nonRepudiation" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "keyEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "dataEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "keyAgreement" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "keyCertSign" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "cRLSign" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "encipherOnly" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "decipherOnly" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." @@ -9090,17 +9649,17 @@ msgstr "" "діапазоні 32-бітових цілих чисел без знаку." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "Приклад: <KU>digitalSignature,keyEncipherment" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "<EKU>розширене-використання-ключа" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" @@ -9110,52 +9669,52 @@ msgstr "" "відокремлених комами, можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "serverAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "clientAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "codeSigning" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "emailProtection" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "timeStamping" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "OCSPSigning" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "KPClientAuth" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "pkinit" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "msScLogin" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." @@ -9164,17 +9723,17 @@ msgstr "" "можна визначити за допомогою їхнього OID у точково-десятковому позначенні." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "Приклад: <EKU>clientAuth,1.3.6.1.5.2.3.4" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "<SAN>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -9185,65 +9744,65 @@ msgstr "" "так, як це робить <SAN:Principal>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "Приклад: <SAN>.*@MY\\.REALM" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "<SAN:Principal>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" "Встановити відповідність реєстраційних даних Kerberos у PKINIT або AD NT " "Principal SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "Приклад: <SAN:Principal>.*@MY\\.REALM" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "<SAN:ntPrincipalName>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" "Встановити відповідність реєстраційних даних Kerberos з AD NT Principal SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "Приклад: <SAN:ntPrincipalName>.*@MY.AD.REALM" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "<SAN:pkinit>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "Встановити відповідність реєстраційних даних Kerberos з SAN PKINIT." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "Приклад: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "<SAN:dotted-decimal-oid>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -9254,17 +9813,17 @@ msgstr "" "відповідність формальному виразу." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "Приклад: <SAN:1.2.3.4>test" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "<SAN:otherName>base64-string" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -9277,62 +9836,62 @@ msgstr "" "особливими кодуваннями, які не можна обробляти як рядки." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "Приклад: <SAN:otherName>MTIz" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "<SAN:rfc822Name>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "Встановити відповідність значення SAN rfc822Name." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "Приклад: <SAN:rfc822Name>.*@email\\.domain" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "<SAN:dNSName>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "Встановити відповідність значення SAN dNSName." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "Приклад: <SAN:dNSName>.*\\.my\\.dns\\.domain" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "<SAN:x400Address>рядок-base64" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "Встановити двійкову відповідність значення SAN x400Address." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "Приклад: <SAN:x400Address>MTIz" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "<SAN:directoryName>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." @@ -9342,68 +9901,68 @@ msgstr "" "та <SUBJECT>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "Приклад: <SAN:directoryName>.*,DC=com" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "<SAN:ediPartyName>рядок-base64" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "Встановити двійкову відповідність значення SAN ediPartyName." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "Приклад: <SAN:ediPartyName>MTIz" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "<SAN:uniformResourceIdentifier>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "Встановити відповідність значення SAN uniformResourceIdentifier." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "Приклад: <SAN:uniformResourceIdentifier>URN:.*" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "<SAN:iPAddress>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "Встановити відповідність значення SAN iPAddress." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "Приклад: <SAN:iPAddress>192\\.168\\..*" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "<SAN:registeredID>формальний-вираз" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" "Встановити значення SAN registeredID у форматі точково-десяткового рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "Приклад: <SAN:registeredID>1\\.2\\.3\\..*" @@ -9414,12 +9973,12 @@ msgid "" msgstr "Доступні варіанти: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "ПРАВИЛО ПРИВʼЯЗУВАННЯ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -9431,7 +9990,7 @@ msgstr "" "цих облікових записів." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -9451,7 +10010,7 @@ msgstr "" "завершуватися «(» і «)», відповідно." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -9464,7 +10023,7 @@ msgstr "" "«ipaCertMapData» для IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -9479,12 +10038,12 @@ msgstr "" "бажаним шляхом, розірвати прив'язку буде важко." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -9495,7 +10054,7 @@ msgstr "" "стоїть останнім), буде використано параметр із префіксом «_x500»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." @@ -9505,7 +10064,7 @@ msgstr "" "«S», замість «ST»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." @@ -9514,7 +10073,7 @@ msgstr "" "використовуватимуться назви атрибутів, які використовуються NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." @@ -9523,7 +10082,7 @@ msgstr "" "NSS і упорядковування за LDAP/RFC 4514." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" @@ -9532,12 +10091,12 @@ msgstr "" "ad})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -9548,7 +10107,7 @@ msgstr "" "стоїть останнім), буде використано параметр із префіксом «_x500»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" @@ -9557,12 +10116,12 @@ msgstr "" "{subject_dn!nss_x500})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "{cert[!(bin|base64)]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -9578,17 +10137,17 @@ msgstr "" "«userCertificate;binary»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "Приклад: (userCertificate;binary={cert!bin})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "{subject_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -9599,7 +10158,7 @@ msgstr "" "«short_name» відповідає першій частині реєстраційного запису до символу «@»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" @@ -9608,12 +10167,12 @@ msgstr "" "(samAccountName={subject_principal.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "{subject_pkinit_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -9624,7 +10183,7 @@ msgstr "" "реєстраційного запису до символу «@»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" @@ -9633,12 +10192,12 @@ msgstr "" "(uid={subject_pkinit_principal.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "{subject_nt_principal[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -9649,12 +10208,12 @@ msgstr "" "реєстраційного запису до символу «@»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "{subject_rfc822_name[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -9665,7 +10224,7 @@ msgstr "" "частині адреси до символу «@»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" @@ -9674,12 +10233,12 @@ msgstr "" "short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "{subject_dns_name[.short_name]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -9690,19 +10249,19 @@ msgstr "" "назви до першого символу «.»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" "Приклад: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "{subject_uri}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." @@ -9711,34 +10270,34 @@ msgstr "" "uniformResourceIdentifier SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "Приклад: (uri={subject_uri})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "{subject_ip_address}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "Цей шаблон додає рядок, який зберігається у компоненті iPAddress SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "Приклад: (ip={subject_ip_address})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "{subject_x400_address}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." @@ -9747,19 +10306,19 @@ msgstr "" "послідовність екранованих шістнадцяткових чисел." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "Приклад: (attr:binary={subject_x400_address})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." @@ -9768,17 +10327,17 @@ msgstr "" "directoryName SAN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "Приклад: (orig_dn={subject_directory_name})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "{subject_ediparty_name}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." @@ -9787,17 +10346,17 @@ msgstr "" "послідовність екранованих шістнадцяткових чисел." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "Приклад: (attr:binary={subject_ediparty_name})" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "{subject_registered_id}" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." @@ -9806,12 +10365,12 @@ msgstr "" "форматі точково-десяткового рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "Приклад: (oid={subject_registered_id})" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -9826,12 +10385,12 @@ msgstr "" "Дозволені значення: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "СПИСОК ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -10001,7 +10560,7 @@ msgstr "" "цього вузла. Назву вузла слід вказувати повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "dyndns_update (булеве значення)" @@ -10021,7 +10580,7 @@ msgstr "" "допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -10042,12 +10601,12 @@ msgstr "" "назву, <emphasis>dyndns_update</emphasis>, у файлі налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -10074,12 +10633,12 @@ msgid "Default: 1200 (seconds)" msgstr "Типове значення: 1200 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "dyndns_iface (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -10112,17 +10671,17 @@ msgstr "" "для з’єднання LDAP IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "Приклад: dyndns_iface = em1, vnet1, vnet2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "dyndns_auth (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -10133,7 +10692,7 @@ msgstr "" "можна надсилати встановленням для цього параметра значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "Типове значення: GSS-TSIG" @@ -10143,7 +10702,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "ipa_enable_dns_sites (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "Вмикає сайти DNS — визначення служб на основі адрес." @@ -10168,7 +10727,7 @@ msgstr "" "вважатимуться резервними серверами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (ціле число)" @@ -10185,12 +10744,12 @@ msgstr "" "є обов’язкоми, його застосовують, лише якщо dyndns_update має значення true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10214,12 +10773,12 @@ msgid "Default: False (disabled)" msgstr "Типове значення: False (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -10228,17 +10787,17 @@ msgstr "" "даними з сервером DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Типове значення: False (надати змогу nsupdate вибирати протокол)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "dyndns_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." @@ -10248,7 +10807,7 @@ msgstr "" "параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." @@ -10257,7 +10816,7 @@ msgstr "" "DNS відрізняється від сервера профілів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." @@ -10267,17 +10826,17 @@ msgstr "" "невдало." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "Типове значення: немає (надати nsupdate змогу вибирати сервер)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "dyndns_update_per_family (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10410,12 +10969,12 @@ msgstr "" "перетворено у основний DN для виконання дій LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." @@ -10424,7 +10983,7 @@ msgstr "" "налаштувань Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." @@ -10433,7 +10992,7 @@ msgstr "" "значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -10458,7 +11017,7 @@ msgstr "" "щодо профілів станції." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "Типове значення: 5 (секунд)" @@ -10616,6 +11175,7 @@ msgstr "Назва атрибута, у якому зберігається на #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "Типове значення: cn" @@ -10814,7 +11374,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "НАЛАШТОВУВАННЯ ДОВІРЕНИХ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10825,31 +11385,37 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 -msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +#, fuzzy +#| msgid "" +#| "Some configuration options can be also set for a trusted domain. A " +#| "trusted domain configuration can either be done using a subsection, for " +#| "example: <placeholder type=\"programlisting\" id=\"0\"/>" +msgid "" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" "Для довіреного домену можна також встановити деякі параметри налаштовування. " "Налаштовування довіреного домену можна виконати за допомогою підрозділу, " "приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 +#, fuzzy +#| msgid "" +#| "used by the <citerefentry> <refentrytitle>sssd-kcm</refentrytitle> " +#| "<manvolnum>8</manvolnum> </citerefentry> service." msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"Крім того, деякі параметри можна встановити у батьківському домені і " -"успадкувати для довіреного домену за допомогою параметра " -"<quote>subdomain_inherit</quote>. Щоб дізнатися більше, ознайомтеся зі " -"сторінкою підручника <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry>." +"використовується службою <citerefentry> <refentrytitle>sssd-kcm</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." @@ -10858,60 +11424,60 @@ msgstr "" "як ви налаштували SSSD на сервері IPA або клієнт IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "ПАРАМЕТРИ, ЯКІ МОЖНА НАЛАШТУВАТИ НА ОСНОВНИХ СЕРВЕРАХ IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" "У розділі піддомену на основному сервері IPA можна вказати такі параметри:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "ad_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "ad_backup_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "ad_site" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "ldap_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "ldap_user_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "ldap_group_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "ПАРАМЕТРИ, ЯКІ МОЖНА НАЛАШТУВАТИ НА КЛІЄНТАХ IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "У розділі піддомену на клієнті IPA можна вказати такі параметри:" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." @@ -10920,7 +11486,7 @@ msgstr "" "<quote>ad_server</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10943,7 +11509,7 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10955,7 +11521,7 @@ msgstr "" "ipa." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11269,32 +11835,43 @@ msgstr "ad_hostname (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 +#, fuzzy +#| msgid "" +#| "Optional. May be set on machines where the hostname(5) does not reflect " +#| "the fully qualified name used in the IPA domain to identify this host. " +#| "The hostname must be fully qualified." msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" "Необов’язковий. Може бути встановлено на комп’ютерах, де hostname(5) не " -"відповідає повній назві, що використовується доменом Active Directory для " -"розпізнавання цього вузла." +"відповідає повній назві, що використовується доменом IPA для розпізнавання " +"цього вузла. Назву вузла слід вказувати повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 +#, fuzzy +#| msgid "" +#| "This field is used to determine the host principal in use in the keytab. " +#| "It must match the hostname for which the keytab was issued." msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" "Це поле використовується для визначення основної назви вузла, яка " "використовуватиметься у таблиці ключів. Ця назва має відповідати назві " "вузла, для якого випущено таблицю ключів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "ad_enable_dns_sites (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -11312,12 +11889,12 @@ msgstr "" "сайтів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "ad_access_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -11330,7 +11907,7 @@ msgstr "" "значення «ad», щоб цей параметр почав діяти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -11343,7 +11920,7 @@ msgstr "" "«FOREST» або ключове слово слід пропустити." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -11356,7 +11933,7 @@ msgstr "" "вказаного значенням «НАЗВА»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." @@ -11365,7 +11942,7 @@ msgstr "" "визначення фільтрів у базах для пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -11387,7 +11964,7 @@ msgstr "" "відповідності у LDAP</ulink>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -11401,7 +11978,7 @@ msgstr "" "специфікацією, використовуватиметься лише перший з них." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -11431,12 +12008,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "ad_site (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." @@ -11445,12 +12022,12 @@ msgstr "" "вказано, виконуватиметься спроба автоматичного визначення сайта AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "ad_enable_gc (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -11464,7 +12041,7 @@ msgstr "" "SSSD встановлюватиме зв’язок лише з портом LDAP поточного сервера AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -11479,12 +12056,12 @@ msgstr "" "групах для різних доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "ad_gpo_access_control (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -11499,12 +12076,7 @@ msgstr "" "«access_provider» значення «ad»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 -#, fuzzy -#| msgid "" -#| "GPO-based access control functionality uses GPO policy settings to " -#| "determine whether or not a particular user is allowed to logon to a " -#| "particular host." +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -11513,19 +12085,32 @@ msgid "" msgstr "" "Функціональні можливості з керування доступом на основі GPO використовують " "параметри правил GPO для визначення того, може чи не може той чи інший " -"користувач увійти до системи певного вузла мережі." +"користувач увійти до системи вузла мережі. Якщо вам потрібна докладніша " +"інформація щодо підтримуваних параметрів правил, зверніться до параметрів " +"<quote>ad_gpo_map</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 +#, fuzzy +#| msgid "" +#| "Please note that current version of SSSD does not support Active " +#| "Directory's built-in groups. Built-in groups (such as Administrators " +#| "with SID S-1-5-32-544) in GPO access control rules will be ignored by " +#| "SSSD. See upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" +"Будь ласка, зверніть увагу на те, що у поточній версії SSSD не передбачено " +"підтримки вбудованих груп Active Directory. Вбудовані групи до правил " +"керування доступом на основі GPO (зокрема Administrators із SID " +"S-1-5-32-544) SSSD просто ігноруватиме. Див. запис системи стеження за " +"вадами https://pagure.io/SSSD/sssd/issue/4099 ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -11533,23 +12118,32 @@ msgid "" "a user, the user or at least one of the groups to which it belongs must have " "following permissions on the GPO:" msgstr "" +"Перед виконанням керування доступом SSSD застосовує захисне фільтрування на " +"основі правил груп до списку GPO. Для кожного входу користувача до системи " +"програма перевіряє застосовність GPO, які пов'язано із відповідним вузлом. " +"Щоб GPO можна було застосувати до користувача, користувач або принаймні одна " +"з груп, до яких він належить, повинен мати такі права доступу до GPO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" +"Read: користувач або одна з його груп повинна мати доступ до читання " +"властивостей GPO (RIGHT_DS_READ_PROPERTY)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" +"Apply Group Policy: користувач або принаймні одна з його груп повинна мати " +"доступ до застосування GPO (RIGHT_DS_CONTROL_ACCESS)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -11557,31 +12151,14 @@ msgid "" "and access control are started, the Authenticated Users group permissions on " "the GPO always apply also to the user." msgstr "" +"Типово, у GPO є група Authenticated Users, для якої встановлено одразу права " +"доступу Read та Apply Group Policy. Оскільки розпізнавання користувача має " +"бути успішно завершено до захисного фільтрування GPO і запуску керування " +"доступом, до облікового запису користувача завжди застосовуються права " +"доступу групи Authenticated Users щодо GPO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" -"Зауваження: у поточній версії SSSD не передбачено підтримки записів вузлів " -"(комп'ютерів) до списку «Фільтрування захисту» («Security Filtering») GPO. " -"Передбачено підтримку лише записів користувачів і груп. Записи вузлів у " -"списку ні на що не впливатимуть." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 -#, fuzzy -#| msgid "" -#| "NOTE: If the operation mode is set to enforcing, it is possible that " -#| "users that were previously allowed logon access will now be denied logon " -#| "access (as dictated by the GPO policy settings). In order to facilitate a " -#| "smooth transition for administrators, a permissive mode is available that " -#| "will not enforce the access control rules, but will evaluate them and " -#| "will output a syslog message if access would have been denied. By " -#| "examining the logs, administrators can then make the necessary changes " -#| "before setting the mode to enforcing." +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -11603,15 +12180,18 @@ msgstr "" "відповідність цим правилам і виводитиме до системного журналу повідомлення, " "якщо доступ було надано усупереч цим правилам. Вивчення журналу надасть " "змогу адміністраторам внести відповідні зміни до встановлення примусового " -"режиму (enforcing)." +"режиму (enforcing). Для запису до журналу даних керування доступом на основі " +"GPO потрібен рівень діагностики «trace functions» (див. сторінку підручника " +"<citerefentry> <refentrytitle>sssctl</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "У цього параметра є три підтримуваних значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" @@ -11619,14 +12199,14 @@ msgstr "" "використовуються примусово." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" "enforcing: правила керування доступом, засновані на GPO, обробляються і " "використовуються примусово." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -11639,22 +12219,22 @@ msgstr "" "enforcing." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "Типове значення: permissive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "Типове значення: enforcing" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "ad_gpo_implicit_deny (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -11673,12 +12253,12 @@ msgstr "" "Administrators, якщо немає правил GPO, якими надається такий доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "ad_gpo_ignore_unreadable (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -11693,12 +12273,12 @@ msgstr "" "правил груп є непридатним до читання з SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -11709,12 +12289,12 @@ msgstr "" "короткого періоду часу надходить багато запитів щодо керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -11728,9 +12308,22 @@ msgid "" "local access only, if it or at least one of its groups is part of the policy " "settings." msgstr "" +"Список назв служб PAM, відокремлених комами, для яких оцінки для керування " +"доступом на основі GPO виконуються на основі параметрів правил " +"InteractiveLogonRight і DenyInteractiveLogonRight. Виконуватиметься оцінка " +"лише тих GPO, до яких користувач має права доступу Read і Apply Group Policy " +"(див. параметр <quote>ad_gpo_access_control</quote>). Якщо у якомусь із " +"оброблених GPO міститься параметр заборони інтерактивного входу до системи " +"для користувача або однієї з його груп, користувачеві буде заборонено " +"локальний доступ. Якщо для жодного із оброблених GPO немає визначеного права " +"на інтерактивний вхід до системи, користувачеві буде надано локальний " +"доступ. Якщо хоча б одному зі оброблених GPO містяться параметри прав на " +"інтерактивний вхід до системи, користувачеві буде надано лише локальний " +"доступ, якщо він або принаймні одна з його груп є частиною параметрів " +"правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." @@ -11740,7 +12333,7 @@ msgstr "" "вхід» («Deny log on locally»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -11750,7 +12343,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11769,42 +12362,42 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "gdm-fingerprint" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "lightdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "lxdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "sddm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "unity" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "xdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -11818,9 +12411,22 @@ msgid "" "settings, the user is granted remote access only, if it or at least one of " "its groups is part of the policy settings." msgstr "" +"Список назв служб PAM, відокремлених комами, для яких оцінки для керування " +"доступом на основі GPO виконуються на основі параметрів правил " +"RemoteInteractiveLogonRight і DenyRemoteInteractiveLogonRight. " +"Виконуватиметься оцінка лише тих GPO, до яких користувач має права доступу " +"Read і Apply Group Policy (див. параметр <quote>ad_gpo_access_control</" +"quote>). Якщо у якомусь із оброблених GPO міститься параметр заборони " +"віддаленого входу до системи для користувача або однієї з його груп, " +"користувачеві буде заборонено віддалений інтерактивний доступ. Якщо для " +"жодного із оброблених GPO немає визначеного права на віддалений вхід до " +"системи, користувачеві буде надано віддалений доступ. Якщо хоча б одному зі " +"оброблених GPO містяться параметри прав на віддалений вхід до системи, " +"користувачеві буде надано лише віддалений доступ, якщо він або принаймні " +"одна з його груп є частиною параметрів правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -11832,7 +12438,7 @@ msgstr "" "служб віддаленої стільниці» («Deny log on through Remote Desktop Services»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -11842,7 +12448,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11861,22 +12467,22 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "sshd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "cockpit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -11890,9 +12496,22 @@ msgid "" "logon access only, if it or at least one of its groups is part of the policy " "settings." msgstr "" +"Список назв служб PAM, відокремлених комами, для яких оцінки для керування " +"доступом на основі GPO виконуються на основі параметрів правил " +"NetworkLogonRight і DenyNetworkLogonRight. Виконуватиметься оцінка лише тих " +"GPO, до яких користувач має права доступу Read і Apply Group Policy (див. " +"параметр <quote>ad_gpo_access_control</quote>). Якщо у якомусь із оброблених " +"GPO міститься параметр заборони входу до системи за допомогою мережі для " +"користувача або однієї з його груп, користувачеві буде заборонено локальний " +"доступ. Якщо для жодного із оброблених GPO немає визначеного права на вхід " +"до системи за допомогою мережі, користувачеві буде надано доступ до входу. " +"Якщо хоча б одному зі оброблених GPO містяться параметри прав на вхід до " +"системи за допомогою мережі, користувачеві буде надано лише доступ до входу " +"до системи, якщо він або принаймні одна з його груп є частиною параметрів " +"правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -11904,7 +12523,7 @@ msgstr "" "мережі» (Deny access to this computer from the network»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -11914,7 +12533,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11933,22 +12552,22 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "ftp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "samba" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -11961,9 +12580,22 @@ msgid "" "settings, the user is granted logon access only, if it or at least one of " "its groups is part of the policy settings." msgstr "" +"Список назв служб PAM, відокремлених комами, для яких оцінки для керування " +"доступом на основі GPO виконуються на основі параметрів правил " +"BatchLogonRight і DenyBatchLogonRight. Виконуватиметься оцінка лише тих GPO, " +"до яких користувач має права доступу Read і Apply Group Policy (див. " +"параметр <quote>ad_gpo_access_control</quote>). Якщо у якомусь із оброблених " +"GPO міститься параметр заборони пакетного входу до системи для користувача " +"або однієї з його груп, користувачеві буде заборонено доступ до пакетного " +"входу до системи. Якщо для жодного із оброблених GPO немає визначеного права " +"на пакетний вхід до системи, користувачеві буде надано доступ до входу до " +"системи. Якщо хоча б одному зі оброблених GPO містяться параметри прав на " +"пакетний вхід до системи, користувачеві буде надано лише доступ до входу до " +"системи, якщо він або принаймні одна з його груп є частиною параметрів " +"правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." @@ -11973,7 +12605,7 @@ msgstr "" "job») і «Заборонити вхід як пакетне завдання» («Deny log on as a batch job»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -11983,7 +12615,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12002,24 +12634,24 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" "Зауваження: назва служби cron у різних дистрибутивах Linux може бути різною." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "crond" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -12033,9 +12665,22 @@ msgid "" "logon access only, if it or at least one of its groups is part of the policy " "settings." msgstr "" +"Список назв служб PAM, відокремлених комами, для яких оцінки для керування " +"доступом на основі GPO виконуються на основі параметрів правил " +"ServiceLogonRight і DenyServiceLogonRight. Виконуватиметься оцінка лише тих " +"GPO, до яких користувач має права доступу Read і Apply Group Policy (див. " +"параметр <quote>ad_gpo_access_control</quote>). Якщо у якомусь із оброблених " +"GPO міститься параметр заборони входу до системи за допомогою служб для " +"користувача або однієї з його груп, користувачеві буде заборонено вхід до " +"системи за допомогою служб. Якщо для жодного із оброблених GPO немає " +"визначеного права на вхід до системи за допомогою служб, користувачеві буде " +"надано доступ до входу до системи. Якщо хоча б одному зі оброблених GPO " +"містяться параметри прав на вхід до системи за допомогою служб, " +"користувачеві буде надано лише доступ до входу до системи, якщо він або " +"принаймні одна з його груп є частиною параметрів правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." @@ -12045,7 +12690,7 @@ msgstr "" "«Заборонити вхід як службу» («Deny log on as a service»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -12055,7 +12700,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -12072,12 +12717,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." @@ -12086,7 +12731,7 @@ msgstr "" "основі GPO, незалежно від будь-яких прав входу GPO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -12096,7 +12741,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12115,22 +12760,22 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "polkit-1" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "systemd-user" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." @@ -12139,7 +12784,7 @@ msgstr "" "на основі GPO, незалежно від будь-яких прав входу GPO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -12149,12 +12794,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -12176,57 +12821,57 @@ msgstr "" "забороняла доступ для непов’язаних назв служб PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "Передбачені значення для цього параметра:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "remote_interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "network" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "batch" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "service" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "permit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "deny" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "Типове значення: deny" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "ad_maximum_machine_account_password_age (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -12237,17 +12882,17 @@ msgstr "" "Значення 0 вимкне спроби оновлення." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "Типове значення: 30 днів" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "ad_machine_account_password_renewal_opts (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -12262,12 +12907,46 @@ msgstr "" "— визначає початковий час очікування на перший запуск завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "Типове значення: 86400:750 (24 годин і 15 хвилин)" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +#, fuzzy +#| msgid "ad_maximum_machine_account_password_age (integer)" +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "ad_maximum_machine_account_password_age (ціле число)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +#, fuzzy +#| msgid "ldap_id_use_start_tls (boolean)" +msgid "ad_use_ldaps (bool)" +msgstr "ldap_id_use_start_tls (булеве значення)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -12284,12 +12963,12 @@ msgstr "" "якщо цю адресу не було змінено за допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "Типове значення: 3600 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" @@ -12298,7 +12977,7 @@ msgstr "" "для з’єднання LDAP AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -12315,12 +12994,12 @@ msgstr "" "значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Типове значення: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -12331,7 +13010,7 @@ msgstr "" "У прикладі продемонстровано лише параметри доступу, специфічні для засобу AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -12355,7 +13034,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -12367,7 +13046,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -12379,7 +13058,7 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -12394,7 +13073,7 @@ msgstr "" "шифрування) вручну." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -13029,10 +13708,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:259 -#, fuzzy -#| msgid "" -#| "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " -#| "applications will not use the fast in memory cache." msgid "" "If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", client " "applications will not use the fast in-memory cache." @@ -13752,9 +14427,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:47 +#, fuzzy +#| msgid "" +#| "This backend also provides access control based on the .k5login file in " +#| "the home directory of the user. See <citerefentry> <refentrytitle>." +#| "k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more " +#| "details. Please note that an empty .k5login file will deny all access to " +#| "this user. To activate this feature, use 'access_provider = krb5' in your " +#| "SSSD configuration." msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -14329,11 +15012,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:518 -#, fuzzy -#| msgid "" -#| "The krb5_kdcinfo_lookahead option contains two numbers seperated by a " -#| "colon. The first number represents number of primary servers used and the " -#| "second number specifies the number of backup servers." msgid "" "The krb5_kdcinfo_lookahead option contains two numbers separated by a colon. " "The first number represents number of primary servers used and the second " @@ -14345,12 +15023,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:524 -#, fuzzy -#| msgid "" -#| "For example <emphasis>10:0</emphasis> means that up to 10 primary servers " -#| "will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" -#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. but no backup " -#| "servers." msgid "" "For example <emphasis>10:0</emphasis> means that up to 10 primary servers " "will be handed to <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" @@ -14360,7 +15032,7 @@ msgstr "" "Наприклад, <emphasis>10:0</emphasis> означає «буде передано до 10 основних " "серверів до <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>», але не буде " -"передано резервні сервери." +"передано резервні сервери" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:533 @@ -17497,21 +18169,15 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-kcm.8.xml:61 -#, fuzzy -#| msgid "" -#| "the SSSD implementation stores the ccaches in the SSSD <citerefentry> " -#| "<refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</manvolnum> </" -#| "citerefentry> secrets store, allowing the ccaches to survive KCM server " -#| "restarts or machine reboots." msgid "" "the SSSD implementation stores the ccaches in a database, typically located " "at <replaceable>/var/lib/sss/secrets</replaceable> allowing the ccaches to " "survive KCM server restarts or machine reboots." msgstr "" -"реалізація у SSSD зберігає ccache-і у сховищі реєстраційних даних " -"<citerefentry> <refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry> SSSD, що надає змогу ccache-ам переживати " -"перезапуски сервера KCM та перезавантаження комп'ютера." +"реалізація у SSSD зберігає дані ccache у базі даних, файл якої типово " +"називається <replaceable>/var/lib/sss/secrets</replaceable>. За допомогою " +"цього файла ccache зберігаються протягом періодів перезапуску сервера KCM " +"або перезавантаження комп'ютера." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:67 @@ -17698,28 +18364,24 @@ msgid "" "after changing options in the <quote>kcm</quote> section of sssd.conf: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +"Налаштовування служби KCM виконується за допомогою розділу <quote>kcm</" +"quote> файла sssd.conf. Будь ласка, зауважте, що оскільки активація служби " +"KCM, зазвичай, відбувається за допомогою сокетів, після внесення змін до " +"розділу <quote>kcm</quote> файла sssd.conf достатньо перезапустити службу " +"<quote>sssd-kcm</quote>: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:175 -#, fuzzy -#| msgid "" -#| "This manual page describes the files provider for <citerefentry> " -#| "<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </" -#| "citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -#| "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -#| "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgid "" "The KCM service is configured in the <quote>kcm</quote> For a detailed " "syntax reference, refer to the <quote>FILE FORMAT</quote> section of the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page." msgstr "" -"На цій сторінці довідника описано налаштування засобу обробки файлів для " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Щоб дізнатися більше про синтаксис налаштування, зверніться " -"до розділу «ФОРМАТ ФАЙЛА» сторінки довідника <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>." +"Налаштування служби KCM виконують за допомогою <quote>kcm</quote>. Докладний " +"опис синтаксичних конструкцій налаштувань наведено у розділі <quote>ФОРМАТ " +"ФАЙЛА</quote> сторінки підручника щодо <citerefentry> <refentrytitle>sssd." +"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:183 @@ -17755,27 +18417,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:205 -#, fuzzy -#| msgid "max_secrets (integer)" msgid "max_ccaches (integer)" -msgstr "max_secrets (ціле значення)" +msgstr "max_ccaches (ціле число)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:208 msgid "How many credential caches does the KCM database allow for all users." msgstr "" +"Скільки кешів реєстраційних може мати даних база даних KCM для усіх " +"користувачів." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:212 msgid "Default: 0 (unlimited, only the per-UID quota is enforced)" msgstr "" +"Типове значення: 0 (без обмежень, застосовується лише квота на кількість " +"кешів на UID)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:217 -#, fuzzy -#| msgid "max_uid_secrets (integer)" msgid "max_uid_ccaches (integer)" -msgstr "max_uid_secrets (ціле число)" +msgstr "max_uid_ccaches (ціле число)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:220 @@ -17783,20 +18445,19 @@ msgid "" "How many credential caches does the KCM database allow per UID. This is " "equivalent to <quote>with how many principals you can kinit</quote>." msgstr "" +"Скільки кешів реєстраційних може мати даних база даних KCM для окремого UID. " +"Еквівалент значення <quote>кількість реєстраційних даних, які можна " +"ініціювати за допомогою kinit</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 64" -msgstr "Типове значення: 6" +msgstr "Типове значення: 64" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 -#, fuzzy -#| msgid "max_payload_size (integer)" msgid "max_ccache_size (integer)" -msgstr "max_payload_size (ціле значення)" +msgstr "max_ccache_size (ціле число)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:233 @@ -17804,13 +18465,13 @@ msgid "" "How big can a credential cache be per ccache. Each service ticket accounts " "into this quota." msgstr "" +"Наскільки великим може бути кеш реєстраційних даних окремого ccache. Ця " +"квота обчислюється для усіх квитків служб разом." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 6" msgid "Default: 65536" -msgstr "Типове значення: 6" +msgstr "Типове значення: 65536" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -17988,13 +18649,7 @@ msgstr "Зондує функцію sdap_get_generic_ext_send()." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:152 -#, fuzzy, no-wrap -#| msgid "" -#| "base:string\n" -#| "scope:integer\n" -#| "filter:string\n" -#| "probestr:string\n" -#| " " +#, no-wrap msgid "" "base:string\n" "scope:integer\n" @@ -18006,6 +18661,7 @@ msgstr "" "base:рядок\n" "scope:ціле число\n" "filter:рядок\n" +"attrs:рядок\n" "probestr:рядок\n" " " @@ -18037,10 +18693,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:176 -#, fuzzy -#| msgid "probe sdap_deref_send" msgid "probe sdap_parse_entry" -msgstr "зонд sdap_deref_send" +msgstr "зонд sdap_parse_entry" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:179 @@ -18048,27 +18702,25 @@ msgid "" "Probes the sdap_parse_entry() function. It is called repeatedly with every " "received attribute." msgstr "" +"Зондує функцію sdap_parse_entry(). Викликається повторно для кожного " +"отриманого атрибута." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><programlisting> #: sssd-systemtap.5.xml:184 -#, fuzzy, no-wrap -#| msgid "" -#| "filter:string\n" -#| " " +#, no-wrap msgid "" "attr:string\n" "value:string\n" " " msgstr "" -"filter:рядок\n" -" " +"attr:рядок\n" +"value:рядок\n" +" " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:190 -#, fuzzy -#| msgid "probe dp_req_done" msgid "probe sdap_parse_entry_done" -msgstr "зонд dp_req_done" +msgstr "probe sdap_parse_entry_done" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:193 @@ -18076,6 +18728,8 @@ msgid "" "Probes the sdap_parse_entry() function. It is called when parsing of " "received object is finished." msgstr "" +"Зондує функцію sdap_parse_entry(). Викликається після завершення обробки " +"отриманого об'єкта." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:201 @@ -18319,7 +18973,7 @@ msgstr "Перетворення методу на рядок і поверне #. type: Content of: <reference><refentry><refsect1><title> #: sssd-systemtap.5.xml:410 msgid "SAMPLE SYSTEMTAP SCRIPTS" -msgstr "" +msgstr "ЗРАЗКИ СКРИПТІВ SYSTEMTAP" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-systemtap.5.xml:412 @@ -18328,78 +18982,67 @@ msgid "" "script_name>.stp</command>), then perform an identity operation and the " "script will collect information from probes." msgstr "" +"Запустіть скрипт SystemTap (<command>stap /usr/share/sssd/systemtap/<" +"назва_скрипту>.stp</command>), потім виконайте дію із розпізнавання. " +"Скрипт збере дані за допомогою зондів." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-systemtap.5.xml:418 msgid "Provided SystemTap scripts are:" -msgstr "" +msgstr "Скриптами SystemTap з пакунка є:" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:422 msgid "dp_request.stp" -msgstr "" +msgstr "dp_request.stp" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:425 msgid "Monitoring of data provider request performance." -msgstr "" +msgstr "Спостереження за швидкодією обробки запитів засобом надання даних." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:430 msgid "id_perf.stp" -msgstr "" +msgstr "id_perf.stp" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:433 msgid "Monitoring of <command>id</command> command performance." -msgstr "" +msgstr "Спостереження за швидкодією виконання команди <command>id</command>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:439 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_perf.stp" -msgstr "ldap_deref (рядок)" +msgstr "ldap_perf.stp" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:442 msgid "Monitoring of LDAP queries." -msgstr "" +msgstr "Спостереження за запитами LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-systemtap.5.xml:447 msgid "nested_group_perf.stp" -msgstr "" +msgstr "nested_group_perf.stp" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-systemtap.5.xml:450 msgid "Performance of nested groups resolving." -msgstr "" +msgstr "Швидкодія визначення назв для вкладених груп." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap-attributes.5.xml:10 sssd-ldap-attributes.5.xml:16 -#, fuzzy -#| msgid "sssd-ldap" msgid "sssd-ldap-attributes" -msgstr "sssd-ldap" +msgstr "sssd-ldap-attributes" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap-attributes.5.xml:17 -#, fuzzy -#| msgid "SSSD LDAP provider" msgid "SSSD LDAP Provider: Mapping Attributes" -msgstr "Модуль надання даних LDAP SSSD" +msgstr "Засіб надання даних LDAP SSSD: атрибути прив'язування" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap-attributes.5.xml:23 -#, fuzzy -#| msgid "" -#| "This manual page describes the configuration of LDAP domains for " -#| "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>. Refer to the <quote>FILE FORMAT</quote> " -#| "section of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum> </citerefentry> manual page for detailed syntax " -#| "information." msgid "" "This manual page describes the mapping attributes of SSSD LDAP provider " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -18407,17 +19050,17 @@ msgid "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page " "for full details about SSSD LDAP provider configuration options." msgstr "" -"На цій сторінці довідника описано налаштування доменів LDAP для " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Щоб дізнатися більше про синтаксис налаштування, зверніться " -"до розділу «ФОРМАТ ФАЙЛА» сторінки довідника <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>." +"Цю сторінку підручника присвячено опису атрибутів прив'язування засобу " +"надання даних LDAP SSSD <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>. Повний опис " +"параметрів налаштовування засобу надання даних LDAP SSSD наведено на " +"сторінці підручника щодо <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:38 msgid "USER ATTRIBUTES" -msgstr "" +msgstr "АТРИБУТИ КОРИСТУВАЧА" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:42 @@ -18529,7 +19172,7 @@ msgstr "Атрибут LDAP, що містить назву домашнього #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:129 msgid "Default: homeDirectory (LDAP and IPA), unixHomeDirectory (AD)" -msgstr "" +msgstr "Типове значення: homeDirectory (LDAP та IPA), unixHomeDirectory (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:135 @@ -19066,6 +19709,10 @@ msgid "" "Therefore when using service-based access control, the <quote>systemd-user</" "quote> service might need to be added to the list of allowed services." msgstr "" +"У деяких дистрибутивах (зокрема у Fedora-29+ або RHEL-8) службу PAM " +"<quote>systemd-user</quote> завжди включено до процедури входу до системи. " +"Тому при використанні керування доступом на основі даних служб варто " +"додавати службу <quote>systemd-user</quote> до списку дозволених служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:545 @@ -19204,7 +19851,7 @@ msgstr "Типове значення: mail" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:644 msgid "GROUP ATTRIBUTES" -msgstr "" +msgstr "АТРИБУТИ ГРУПИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:648 @@ -19292,10 +19939,8 @@ msgstr "ldap_group_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:742 -#, fuzzy -#| msgid "ldap_group_name (string)" msgid "ldap_group_type (string)" -msgstr "ldap_group_name (рядок)" +msgstr "ldap_group_type (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap-attributes.5.xml:745 @@ -19349,7 +19994,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:782 msgid "NETGROUP ATTRIBUTES" -msgstr "" +msgstr "АТРИБУТИ МЕРЕЖЕВОЇ ГРУПИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:786 @@ -19437,7 +20082,7 @@ msgstr "ldap_netgroup_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:871 msgid "HOST ATTRIBUTES" -msgstr "" +msgstr "АТРИБУТИ ВУЗЛА" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:875 @@ -19523,10 +20168,8 @@ msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта ву #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:968 -#, fuzzy -#| msgid "SERVICES SECTIONS" msgid "SERVICE ATTRIBUTES" -msgstr "РОЗДІЛИ СЛУЖБ" +msgstr "АТРИБУТИ СЛУЖБИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:972 @@ -19585,7 +20228,7 @@ msgstr "Типове значення: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:1026 msgid "SUDO ATTRIBUTES" -msgstr "" +msgstr "АТРИБУТИ SUDO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:1030 @@ -19770,10 +20413,144 @@ msgstr "Типове значення: sudoOrder" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:1177 -#, fuzzy -#| msgid "AUTOFS OPTIONS" msgid "AUTOFS ATTRIBUTES" -msgstr "ПАРАМЕТРИ AUTOFS" +msgstr "АТРИБУТИ AUTOFS" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +#, fuzzy +#| msgid "HOST ATTRIBUTES" +msgid "IP HOST ATTRIBUTES" +msgstr "АТРИБУТИ ВУЗЛА" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +#, fuzzy +#| msgid "ldap_host_object_class (string)" +msgid "ldap_iphost_object_class (string)" +msgstr "ldap_host_object_class (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +#, fuzzy +#| msgid "The object class of a host entry in LDAP." +msgid "The object class of an iphost entry in LDAP." +msgstr "Клас об’єктів запису вузла у LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: host" +msgid "Default: ipHost" +msgstr "Типове значення: host" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +#, fuzzy +#| msgid "ldap_host_name (string)" +msgid "ldap_iphost_name (string)" +msgstr "ldap_host_name (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" +"Атрибут LDAP, що містить назву атрибутів служби та замінників цих атрибутів." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +#, fuzzy +#| msgid "ldap_host_name (string)" +msgid "ldap_iphost_number (string)" +msgstr "ldap_host_name (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +#, fuzzy +#| msgid "The LDAP attribute that contains the host's SSH public keys." +msgid "The LDAP attribute that contains the IP host address." +msgstr "Атрибут LDAP, який містить відкриті ключі SSH вузла." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipHostNumber" +msgstr "Типове значення: uidNumber" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +#, fuzzy +#| msgid "NETGROUP ATTRIBUTES" +msgid "IP NETWORK ATTRIBUTES" +msgstr "АТРИБУТИ МЕРЕЖЕВОЇ ГРУПИ" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +#, fuzzy +#| msgid "ldap_netgroup_object_class (string)" +msgid "ldap_ipnetwork_object_class (string)" +msgstr "ldap_netgroup_object_class (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +#, fuzzy +#| msgid "The object class of a netgroup entry in LDAP." +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "Клас об’єктів запису мережевої групи (netgroup) у LDAP." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: password" +msgid "Default: ipNetwork" +msgstr "Типове значення: password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +#, fuzzy +#| msgid "ldap_netgroup_name (string)" +msgid "ldap_ipnetwork_name (string)" +msgstr "ldap_netgroup_name (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +#, fuzzy +#| msgid "" +#| "The LDAP attribute that contains the name of service attributes and their " +#| "aliases." +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" +"Атрибут LDAP, що містить назву атрибутів служби та замінників цих атрибутів." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +#, fuzzy +#| msgid "ldap_user_uid_number (string)" +msgid "ldap_ipnetwork_number (string)" +msgstr "ldap_user_uid_number (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +#, fuzzy +#| msgid "The LDAP attribute that contains the user's SSH public keys." +msgid "The LDAP attribute that contains the IP network address." +msgstr "Атрибут LDAP, який містить відкриті ключі SSH користувача." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +#, fuzzy +#| msgid "Default: uidNumber" +msgid "Default: ipNetworkNumber" +msgstr "Типове значення: uidNumber" #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 @@ -19953,9 +20730,13 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 +#, fuzzy +#| msgid "" +#| "<productname>SSSD</productname> <orgname>The SSSD upstream - https://" +#| "pagure.io/SSSD/sssd/</orgname>" msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" "<productname>SSSD</productname> <orgname>Основна гілка розробки SSSD — " "https://pagure.io/SSSD/sssd/</orgname>" @@ -20098,20 +20879,17 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 -#, fuzzy -#| msgid "dns_resolver_timeout" msgid "dns_resolver_server_timeout" -msgstr "dns_resolver_timeout" +msgstr "dns_resolver_server_timeout" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 -#, fuzzy -#| msgid "How long would SSSD talk to a single DNS server." msgid "" "Time in milliseconds that sets how long would SSSD talk to a single DNS " "server before trying next one." msgstr "" -"Наскільки довго SSSD обмінюватиметься інформацією із окремим сервером DNS." +"Час у мілісекундах, протягом якого SSSD має намагатися обмінятися даними із " +"окремим сервером DNS, перш ніж перейти до спроб зв'язатися із наступним." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:90 @@ -20125,6 +20903,10 @@ msgid "" "(e.g. resolution of a hostname or an SRV record) before trying the next " "hostname or discovery domain." msgstr "" +"Час у секундах, який визначає тривалість періоду, протягом якого SSSD " +"намагатиметься обробити окремий запит DNS (наприклад встановити назву вузла " +"або запис SRV), перш ніж перейти до наступної назви вузла або наступного " +"домену пошуку." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:106 @@ -20158,13 +20940,6 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:123 -#, fuzzy -#| msgid "" -#| "For LDAP-based providers, the resolve operation is performed as part of " -#| "an LDAP connection operation. Therefore, also the " -#| "<quote>ldap_opt_timeout></quote> timeout should be set to a larger value " -#| "than <quote>dns_resolver_timeout</quote> which in turn should be set to a " -#| "larger value than <quote>dns_resolver_op_timeout</quote>." msgid "" "For LDAP-based providers, the resolve operation is performed as part of an " "LDAP connection operation. Therefore, also the <quote>ldap_opt_timeout></" @@ -20177,7 +20952,8 @@ msgstr "" "частина дії зі встановлення з'єднання із LDAP. Тому слід також встановити " "для часу очікування <quote>ldap_opt_timeout></quote> значення, яке " "перевищуватиме значення <quote>dns_resolver_timeout</quote>, яке також має " -"перевищувати значення <quote>dns_resolver_op_timeout</quote>." +"перевищувати значення <quote>dns_resolver_op_timeout</quote>, яке має " +"перевищувати значення <quote>dns_resolver_server_timeout</quote>." #. type: Content of: <refsect1><title> #: include/ldap_id_mapping.xml:2 @@ -20840,6 +21616,19 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 +#, fuzzy +#| msgid "" +#| "<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: Extremely low-level " +#| "tracing information." +msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" +"<emphasis>9</emphasis>, <emphasis>0x4000</emphasis>: дані трасування " +"найнижчого рівня." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" @@ -20849,7 +21638,7 @@ msgstr "" "нижче прикладах:" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." @@ -20859,7 +21648,7 @@ msgstr "" "серйозних помилок та дані функцій, скористайтеся рівнем діагностики 0x0270." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." @@ -20870,7 +21659,7 @@ msgstr "" "рівнем 0x1310." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." @@ -20879,14 +21668,18 @@ msgstr "" "впроваджено у версії 1.7.0." #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "<emphasis>Типове значення</emphasis>: 0" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 +#, fuzzy +#| msgid "" +#| "<emphasis> This is an experimental feature, please use https://pagure.io/" +#| "SSSD/sssd/ to report any issues. </emphasis>" msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" "<emphasis> Цю можливість ще не перевірено достатнім чином Будь ласка, якщо " @@ -21264,8 +22057,10 @@ msgstr "ldap_id_mapping = true" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" -msgstr "ldap_sasl_mech = gssapi" +#, fuzzy +#| msgid "ldap_sasl_mech = GSSAPI" +msgid "ldap_sasl_mech = GSS-SPNEGO" +msgstr "ldap_sasl_mech = GSSAPI" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:48 @@ -21440,92 +22235,42 @@ msgid "ldap_group_external_member = ipaExternalMember" msgstr "ldap_group_external_member = ipaExternalMember" #~ msgid "" -#~ "The background refresh will process users, groups and netgroups in the " -#~ "cache." -#~ msgstr "" -#~ "Під час фонового оновлення виконуватиметься обробка записів користувачів, " -#~ "груп та мережевих груп у кеші." - -#~ msgid "Default: homeDirectory" -#~ msgstr "Типове значення: homeDirectory" - -#~ msgid "ldap_group_type (integer)" -#~ msgstr "ldap_group_type (ціле число)" - -#~ msgid "" -#~ "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#~ "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -#~ "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -#~ "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" +#~ "The authentication token of the default bind DN. Only clear text " +#~ "passwords are currently supported." #~ msgstr "" -#~ "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -#~ "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -#~ "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -#~ "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" +#~ "Лексема розпізнавання типової назви сервера прив’язки. У поточній версії " +#~ "передбачено підтримку лише паролів у форматі звичайного тексту." #~ msgid "" -#~ "A comma-separated list of PAM service names for which GPO-based access " -#~ "control is evaluated based on the InteractiveLogonRight and " -#~ "DenyInteractiveLogonRight policy settings." +#~ "In addition, some options can be set in the parent domain and inherited " +#~ "by the trusted domain using the <quote>subdomain_inherit</quote> option. " +#~ "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" +#~ "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." #~ msgstr "" -#~ "Список назв служб PAM, відокремлених комами, для яких керування доступом " -#~ "на основі GPO виконуватиметься на основі параметрів правил " -#~ "InteractiveLogonRight і DenyInteractiveLogonRight." +#~ "Крім того, деякі параметри можна встановити у батьківському домені і " +#~ "успадкувати для довіреного домену за допомогою параметра " +#~ "<quote>subdomain_inherit</quote>. Щоб дізнатися більше, ознайомтеся зі " +#~ "сторінкою підручника <citerefentry> <refentrytitle>sssd.conf</" +#~ "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #~ msgid "" -#~ "A comma-separated list of PAM service names for which GPO-based access " -#~ "control is evaluated based on the RemoteInteractiveLogonRight and " -#~ "DenyRemoteInteractiveLogonRight policy settings." +#~ "Optional. May be set on machines where the hostname(5) does not reflect " +#~ "the fully qualified name used in the Active Directory domain to identify " +#~ "this host." #~ msgstr "" -#~ "Список назв служб PAM, відокремлених комами, для яких керування доступом " -#~ "на основі GPO засновано на параметрах захисту RemoteInteractiveLogonRight " -#~ "і DenyRemoteInteractiveLogonRight." +#~ "Необов’язковий. Може бути встановлено на комп’ютерах, де hostname(5) не " +#~ "відповідає повній назві, що використовується доменом Active Directory для " +#~ "розпізнавання цього вузла." #~ msgid "" -#~ "A comma-separated list of PAM service names for which GPO-based access " -#~ "control is evaluated based on the NetworkLogonRight and " -#~ "DenyNetworkLogonRight policy settings." +#~ "NOTE: The current version of SSSD does not support host (computer) " +#~ "entries in the GPO 'Security Filtering' list. Only user and group entries " +#~ "are supported. Host entries in the list have no effect." #~ msgstr "" -#~ "Список назв служб PAM, відокремлених комами, для яких керування доступом " -#~ "на основі GPO засновано на параметрах захисту NetworkLogonRight і " -#~ "DenyNetworkLogonRight." +#~ "Зауваження: у поточній версії SSSD не передбачено підтримки записів " +#~ "вузлів (комп'ютерів) до списку «Фільтрування захисту» («Security " +#~ "Filtering») GPO. Передбачено підтримку лише записів користувачів і груп. " +#~ "Записи вузлів у списку ні на що не впливатимуть." -#~ msgid "" -#~ "A comma-separated list of PAM service names for which GPO-based access " -#~ "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " -#~ "policy settings." -#~ msgstr "" -#~ "Список назв служб PAM, відокремлених комами, для яких керування доступом " -#~ "на основі GPO засновано на параметрах захисту BatchLogonRight і " -#~ "DenyBatchLogonRight." - -#~ msgid "" -#~ "A comma-separated list of PAM service names for which GPO-based access " -#~ "control is evaluated based on the ServiceLogonRight and " -#~ "DenyServiceLogonRight policy settings." -#~ msgstr "" -#~ "Список назв служб PAM, відокремлених комами, для яких керування доступом " -#~ "на основі GPO засновано на параметрах захисту ServiceLogonRight і " -#~ "DenyServiceLogonRight." - -#~ msgid "" -#~ "The KCM service is configured in the <quote>kcm</quote> section of the " -#~ "sssd.conf file. Please note that currently, is it not sufficient to " -#~ "restart the sssd-kcm service, because the sssd configuration is only " -#~ "parsed and read to an internal configuration database by the sssd " -#~ "service. Therefore you must restart the sssd service if you change " -#~ "anything in the <quote>kcm</quote> section of sssd.conf. For a detailed " -#~ "syntax reference, refer to the <quote>FILE FORMAT</quote> section of the " -#~ "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#~ "manvolnum> </citerefentry> manual page." -#~ msgstr "" -#~ "Налаштовування служби KCM виконується за допомогою розділу <quote>kcm</" -#~ "quote> файла sssd.conf. Будь ласка, зауважте, що у поточній версії для " -#~ "застосування налаштувань перезапуску служби sssd-kcm недостатньо, " -#~ "оскільки обробка і читання налаштувань sssd до внутрішньої бази даних " -#~ "налаштувань виконується лише самою службою sssd. Тому вам слід " -#~ "перезапустити вашу службу sssd, якщо ви щось змінили у розділі " -#~ "<quote>kcm</quote> файла sssd.conf. Докладний опис синтаксису файла " -#~ "налаштувань наведено у розділі <quote>ФОРМАТ ФАЙЛА</quote> сторінки " -#~ "підручника <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -#~ "<manvolnum>5</manvolnum> </citerefentry>." +#~ msgid "ldap_sasl_mech = gssapi" +#~ msgstr "ldap_sasl_mech = gssapi" diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po index cca30a82fc..0221058169 100644 --- a/src/man/po/zh_CN.po +++ b/src/man/po/zh_CN.po @@ -6,9 +6,9 @@ # Christopher Meng <cickumqt@gmail.com>, 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 2.1.1\n" +"Project-Id-Version: sssd-docs 2.2.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2019-11-30 22:23+0100\n" +"POT-Creation-Date: 2020-05-19 12:03+0200\n" "PO-Revision-Date: 2014-12-15 12:16+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" @@ -300,10 +300,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:133 sssd.conf.5.xml:330 sssd.conf.5.xml:646 -#: sssd.conf.5.xml:943 sssd.conf.5.xml:1716 sssd.conf.5.xml:1746 -#: sssd-ldap.5.xml:910 sssd-ldap.5.xml:1008 sssd-ldap.5.xml:1070 -#: sssd-ldap.5.xml:1503 sssd-ldap.5.xml:1568 sssd-ipa.5.xml:326 -#: sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:1038 sssd-ad.5.xml:1171 +#: sssd.conf.5.xml:943 sssd.conf.5.xml:1750 sssd.conf.5.xml:1780 +#: sssd-ldap.5.xml:962 sssd-ldap.5.xml:1060 sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1555 sssd-ldap.5.xml:1620 sssd-ipa.5.xml:326 +#: sssd-ad.5.xml:229 sssd-ad.5.xml:343 sssd-ad.5.xml:1069 sssd-ad.5.xml:1202 #: sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -322,21 +322,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:643 sssd.conf.5.xml:825 -#: sssd.conf.5.xml:1649 sssd.conf.5.xml:3304 sssd-ldap.5.xml:305 -#: sssd-ldap.5.xml:761 sssd-ldap.5.xml:780 sssd-ldap.5.xml:980 -#: sssd-ldap.5.xml:1406 sssd-ldap.5.xml:1592 sssd-ipa.5.xml:151 -#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-krb5.5.xml:266 +#: sssd.conf.5.xml:1683 sssd.conf.5.xml:3444 sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:813 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1644 sssd-ipa.5.xml:151 +#: sssd-ipa.5.xml:238 sssd-ipa.5.xml:574 sssd-ad.5.xml:1024 sssd-krb5.5.xml:266 #: sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1444 -#: sssd-ldap.5.xml:1615 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1667 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 #: sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 sssd-systemtap.5.xml:330 #: sssd-ldap-attributes.5.xml:40 sssd-ldap-attributes.5.xml:646 #: sssd-ldap-attributes.5.xml:784 sssd-ldap-attributes.5.xml:873 #: sssd-ldap-attributes.5.xml:970 sssd-ldap-attributes.5.xml:1028 +#: sssd-ldap-attributes.5.xml:1186 sssd-ldap-attributes.5.xml:1231 #: include/autofs_attributes.xml:1 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -360,8 +361,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1480 sssd.conf.5.xml:3320 -#: sssd-ldap.5.xml:632 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1482 sssd.conf.5.xml:3460 +#: sssd-ldap.5.xml:684 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -376,7 +377,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3409 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3549 msgid "Section parameters" msgstr "" @@ -456,7 +457,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2852 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2978 msgid "re_expression (string)" msgstr "" @@ -476,12 +477,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2900 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:3026 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2903 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:3029 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -489,39 +490,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:3040 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2915 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:3041 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3044 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2921 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3047 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2927 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:3053 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2930 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:3056 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2911 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:3037 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -530,7 +531,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 msgid "" -"Each domain can have an individual format string configured. see DOMAIN " +"Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" @@ -659,8 +660,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:720 -#: sssd-ldap.5.xml:732 sssd-ldap.5.xml:824 sssd-ad.5.xml:843 sssd-ad.5.xml:918 +#: sssd.conf.5.xml:435 sssd.conf.5.xml:1269 sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:784 sssd-ldap.5.xml:876 sssd-ad.5.xml:838 sssd-ad.5.xml:913 #: sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:590 #: sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 #: sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 sssd-ldap-attributes.5.xml:470 @@ -769,10 +770,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:510 -#, fuzzy -#| msgid "Default: 3" msgid "Default: sha256" -msgstr "默认: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:512 @@ -883,12 +882,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 sssd.conf.5.xml:1465 sssd.conf.5.xml:1793 +#: sssd.conf.5.xml:600 sssd.conf.5.xml:1467 sssd.conf.5.xml:1842 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 sssd.conf.5.xml:1468 sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:603 sssd.conf.5.xml:1470 sssd.conf.5.xml:1845 msgid "This man page was generated for the OpenSSL version." msgstr "" @@ -972,8 +971,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:691 sssd.conf.5.xml:1492 sssd.conf.5.xml:3370 -#: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:691 sssd.conf.5.xml:1494 sssd.conf.5.xml:3510 +#: sssd-ad.5.xml:164 sssd-ad.5.xml:304 sssd-ad.5.xml:318 msgid "Default: Not set" msgstr "" @@ -1049,7 +1048,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:759 sssd.conf.5.xml:791 sssd.conf.5.xml:1074 -#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1581 sssd-ldap.5.xml:452 +#: sssd.conf.5.xml:1335 sssd.conf.5.xml:1583 sssd-ldap.5.xml:469 msgid "Default: 60" msgstr "" @@ -1109,8 +1108,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1863 -#: sssd-ldap.5.xml:319 +#: sssd.conf.5.xml:813 sssd.conf.5.xml:1087 sssd.conf.5.xml:1912 +#: sssd-ldap.5.xml:326 msgid "Default: 300" msgstr "" @@ -1187,7 +1186,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 sssd.conf.5.xml:1670 +#: sssd.conf.5.xml:879 sssd.conf.5.xml:1704 msgid "Default: 50" msgstr "" @@ -1205,7 +1204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:893 sssd.conf.5.xml:1694 +#: sssd.conf.5.xml:893 sssd.conf.5.xml:1728 msgid "Default: 15" msgstr "" @@ -1715,7 +1714,7 @@ msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2333 +#: sssd.conf.5.xml:1304 sssd.conf.5.xml:2422 msgid "Display a warning N days before the password expires." msgstr "" @@ -1728,7 +1727,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:1313 sssd.conf.5.xml:2425 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1742,7 +1741,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3166 sssd.8.xml:79 +#: sssd.conf.5.xml:1323 sssd.conf.5.xml:3292 sssd-ldap.5.xml:549 sssd.8.xml:79 msgid "Default: 0" msgstr "" @@ -1805,8 +1804,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1383 sssd.conf.5.xml:1408 sssd.conf.5.xml:1427 -#: sssd.conf.5.xml:1614 sssd.conf.5.xml:2122 sssd.conf.5.xml:3095 -#: sssd-ldap.5.xml:1039 +#: sssd.conf.5.xml:1616 sssd.conf.5.xml:2171 sssd.conf.5.xml:3221 +#: sssd-ldap.5.xml:1091 msgid "Default: none" msgstr "" @@ -1871,8 +1870,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:554 sssd-ldap.5.xml:575 -#: sssd-ldap.5.xml:1112 sssd-ad.5.xml:486 sssd-ad.5.xml:504 +#: sssd.conf.5.xml:1441 sssd-ldap.5.xml:590 sssd-ldap.5.xml:611 +#: sssd-ldap.5.xml:1164 sssd-ad.5.xml:481 sssd-ad.5.xml:499 sssd-ad.5.xml:1044 #: include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" @@ -1884,64 +1883,64 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1449 -msgid "" -"The path to the certificate database which contain the PKCS#11 modules to " -"access the Smartcard." +msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 sssd.conf.5.xml:1781 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:1452 sssd.conf.5.xml:1830 sssd.conf.5.xml:3746 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1455 sssd.conf.5.xml:1783 -msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +#: sssd.conf.5.xml:1454 +msgid "" +"/etc/pki/nssdb (NSS version, path to a NSS database which contains the " +"PKCS#11 modules to access the Smartcard and the trusted CA certificates)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1458 sssd.conf.5.xml:1786 +#: sssd.conf.5.xml:1460 sssd.conf.5.xml:1835 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1473 +#: sssd.conf.5.xml:1475 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:1478 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1485 +#: sssd.conf.5.xml:1487 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1490 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1497 +#: sssd.conf.5.xml:1499 msgid "pam_p11_allowed_services (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1502 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1517 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -1949,7 +1948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1506 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -1961,63 +1960,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1519 sssd-ad.5.xml:567 sssd-ad.5.xml:676 sssd-ad.5.xml:734 -#: sssd-ad.5.xml:792 sssd-ad.5.xml:870 +#: sssd.conf.5.xml:1521 sssd-ad.5.xml:562 sssd-ad.5.xml:671 sssd-ad.5.xml:729 +#: sssd-ad.5.xml:787 sssd-ad.5.xml:865 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1524 sssd-ad.5.xml:571 +#: sssd.conf.5.xml:1526 sssd-ad.5.xml:566 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1529 sssd-ad.5.xml:576 +#: sssd.conf.5.xml:1531 sssd-ad.5.xml:571 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1534 sssd-ad.5.xml:581 +#: sssd.conf.5.xml:1536 sssd-ad.5.xml:576 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1539 sssd-ad.5.xml:596 +#: sssd.conf.5.xml:1541 sssd-ad.5.xml:591 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1544 sssd-ad.5.xml:591 +#: sssd.conf.5.xml:1546 sssd-ad.5.xml:586 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1549 sssd-ad.5.xml:601 +#: sssd.conf.5.xml:1551 sssd-ad.5.xml:596 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1554 sssd-ad.5.xml:879 +#: sssd.conf.5.xml:1556 sssd-ad.5.xml:874 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1559 sssd-ad.5.xml:884 +#: sssd.conf.5.xml:1561 sssd-ad.5.xml:879 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1564 +#: sssd.conf.5.xml:1566 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1572 +#: sssd.conf.5.xml:1574 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1575 +#: sssd.conf.5.xml:1577 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2025,12 +2024,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1588 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1591 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2041,15 +2040,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1604 #, no-wrap msgid "" -"p11_uri = slot-description=My%20Smartcar%20Reader\n" +"p11_uri = slot-description=My%20Smartcard%20Reader\n" " " msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1606 +#: sssd.conf.5.xml:1608 #, no-wrap msgid "" "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2057,7 +2056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1600 +#: sssd.conf.5.xml:1602 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2065,13 +2064,69 @@ msgid "" "with e.g. the '--list-all' will show PKCS#11 URIs as well." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1621 +msgid "pam_initgroups_scheme" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1629 +msgid "always" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1630 +msgid "" +"Always do an online lookup, please note that pam_id_timeout still applies" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1634 +msgid "no_session" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1635 +msgid "" +"Only do an online lookup if there is no active session of the user, i.e. if " +"the user is currently not logged in" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "never" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1641 +msgid "" +"Never force an online lookup, use the data from the cache as long as they " +"are not expired" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1624 +msgid "" +"The PAM responder can force an online lookup to get the current group " +"memberships of the user trying to log in. This option controls when this " +"should be done and the following values are allowed: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1648 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: no_session" +msgstr "默认: 3" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1656 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1658 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2082,24 +2137,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1641 +#: sssd.conf.5.xml:1675 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1678 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1690 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1659 +#: sssd.conf.5.xml:1693 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2109,22 +2164,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1678 +#: sssd.conf.5.xml:1712 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1680 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1684 +#: sssd.conf.5.xml:1718 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1687 +#: sssd.conf.5.xml:1721 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2132,51 +2187,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1703 +#: sssd.conf.5.xml:1737 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1739 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1743 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1712 +#: sssd.conf.5.xml:1746 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1721 +#: sssd.conf.5.xml:1755 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1758 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1728 +#: sssd.conf.5.xml:1762 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1733 +#: sssd.conf.5.xml:1767 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1736 +#: sssd.conf.5.xml:1770 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2185,12 +2240,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1751 +#: sssd.conf.5.xml:1785 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1754 +#: sssd.conf.5.xml:1788 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2200,36 +2255,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1797 +msgid "" +"There are two special key words 'all_rules' and 'no_rules' which will enable " +"all or no rules, respectively. The latter means that no certificates will be " +"filtered out and ssh keys will be generated from all valid certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1804 +msgid "" +"If no rules are configured using 'all_rules' will enable a default rule " +"which enables all certificates suitable for client authentication. This is " +"the same behavior as for the PAM responder if certificate authentication is " +"enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1811 msgid "" -"If a non-existing rule name is given all rules will be ignored and all " -"available certificates will be used to derive ssh keys." +"A non-existing rule name is considered an error. If as a result no rule is " +"selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1768 -msgid "Default: not set, all found rules are used" +#: sssd.conf.5.xml:1816 +msgid "" +"Default: not set, equivalent to 'all_rules, all found rules or the default " +"rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1773 +#: sssd.conf.5.xml:1822 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1825 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1832 +msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1804 +#: sssd.conf.5.xml:1853 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1806 +#: sssd.conf.5.xml:1855 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2240,7 +2319,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1815 +#: sssd.conf.5.xml:1864 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2251,24 +2330,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1823 +#: sssd.conf.5.xml:1872 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1829 +#: sssd.conf.5.xml:1878 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1833 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1882 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1836 +#: sssd.conf.5.xml:1885 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2276,12 +2355,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1891 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1846 +#: sssd.conf.5.xml:1895 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2290,24 +2369,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1904 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1907 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1871 +#: sssd.conf.5.xml:1920 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1873 +#: sssd.conf.5.xml:1922 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2317,66 +2396,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1886 +#: sssd.conf.5.xml:1935 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1890 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1939 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1900 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1905 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1954 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1908 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1957 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1917 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1966 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1920 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1969 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1893 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1942 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1927 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1976 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1932 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1981 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1935 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1984 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2384,17 +2463,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1941 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1990 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1995 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1998 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2402,7 +2481,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1955 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2004 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2410,22 +2489,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2011 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2021 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1979 +#: sssd.conf.5.xml:2028 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1982 +#: sssd.conf.5.xml:2031 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2434,14 +2513,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1990 +#: sssd.conf.5.xml:2039 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:2043 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2450,38 +2529,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:2051 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2006 +#: sssd.conf.5.xml:2055 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2010 +#: sssd.conf.5.xml:2059 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2016 +#: sssd.conf.5.xml:2065 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2019 +#: sssd.conf.5.xml:2068 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2024 +#: sssd.conf.5.xml:2073 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2490,24 +2569,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2031 +#: sssd.conf.5.xml:2080 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2035 +#: sssd.conf.5.xml:2084 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2041 +#: sssd.conf.5.xml:2090 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2044 +#: sssd.conf.5.xml:2093 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2516,29 +2595,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2052 +#: sssd.conf.5.xml:2101 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2104 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2058 sssd.conf.5.xml:2288 sssd.conf.5.xml:2463 +#: sssd.conf.5.xml:2107 sssd.conf.5.xml:2377 sssd.conf.5.xml:2553 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2061 +#: sssd.conf.5.xml:2110 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2066 +#: sssd.conf.5.xml:2115 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2552,14 +2631,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:2130 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2135 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2568,39 +2647,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2094 +#: sssd.conf.5.xml:2143 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2151 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2158 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2159 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2162 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2114 +#: sssd.conf.5.xml:2163 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2105 +#: sssd.conf.5.xml:2154 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2609,19 +2688,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2177 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2131 +#: sssd.conf.5.xml:2180 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2184 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2632,115 +2711,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2148 +#: sssd.conf.5.xml:2197 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2154 +#: sssd.conf.5.xml:2203 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2206 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2161 sssd.conf.5.xml:2174 sssd.conf.5.xml:2187 -#: sssd.conf.5.xml:2200 sssd.conf.5.xml:2213 sssd.conf.5.xml:2227 -#: sssd.conf.5.xml:2241 +#: sssd.conf.5.xml:2210 sssd.conf.5.xml:2223 sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2249 sssd.conf.5.xml:2263 sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2290 sssd.conf.5.xml:2304 sssd.conf.5.xml:2317 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2167 +#: sssd.conf.5.xml:2216 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2170 +#: sssd.conf.5.xml:2219 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2180 +#: sssd.conf.5.xml:2229 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2183 +#: sssd.conf.5.xml:2232 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2242 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2196 +#: sssd.conf.5.xml:2245 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2206 +#: sssd.conf.5.xml:2255 +msgid "entry_cache_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2258 +msgid "" +"How many seconds should nss_sss consider hosts and networks entries valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2269 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2209 +#: sssd.conf.5.xml:2272 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2219 +#: sssd.conf.5.xml:2282 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2222 +#: sssd.conf.5.xml:2285 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2233 +#: sssd.conf.5.xml:2296 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2299 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2247 +#: sssd.conf.5.xml:2310 +msgid "entry_cache_computer_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2313 +msgid "" +"How many seconds to keep the local computer entry before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2323 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2250 +#: sssd.conf.5.xml:2326 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2255 +#: sssd.conf.5.xml:2331 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -2749,42 +2852,54 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2263 +#: sssd.conf.5.xml:2339 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2343 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2271 sssd-ldap.5.xml:343 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2347 +msgid "" +"Cache entry will be refreshed by background task when 2/3 of cache timeout " +"has already passed. If there are existing cached entries, the background " +"task will refer to their original cache timeout values instead of current " +"configuration value. This may lead to a situation in which background " +"refresh task appears to not be working. This is done by design to improve " +"offline mode operation and reuse of existing valid cache entries. To make " +"this change instant the user may want to manually invalidate existing cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2360 sssd-ldap.5.xml:350 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2277 +#: sssd.conf.5.xml:2366 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2369 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2284 +#: sssd.conf.5.xml:2373 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2294 +#: sssd.conf.5.xml:2383 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2297 +#: sssd.conf.5.xml:2386 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2792,24 +2907,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2304 +#: sssd.conf.5.xml:2393 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2309 sssd-ldap.5.xml:496 +#: sssd.conf.5.xml:2398 sssd-ldap.5.xml:513 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2315 +#: sssd.conf.5.xml:2404 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2318 +#: sssd.conf.5.xml:2407 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2818,17 +2933,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2325 +#: sssd.conf.5.xml:2414 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2330 +#: sssd.conf.5.xml:2419 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2341 +#: sssd.conf.5.xml:2430 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2837,34 +2952,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2348 +#: sssd.conf.5.xml:2437 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2443 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2357 +#: sssd.conf.5.xml:2446 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2450 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2453 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2368 +#: sssd.conf.5.xml:2457 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2872,7 +2987,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2880,8 +2995,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2384 sssd.conf.5.xml:2489 sssd.conf.5.xml:2544 -#: sssd.conf.5.xml:2607 +#: sssd.conf.5.xml:2473 sssd.conf.5.xml:2579 sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2697 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2890,8 +3005,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2393 sssd.conf.5.xml:2498 sssd.conf.5.xml:2553 -#: sssd.conf.5.xml:2616 +#: sssd.conf.5.xml:2482 sssd.conf.5.xml:2588 sssd.conf.5.xml:2643 +#: sssd.conf.5.xml:2706 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2899,19 +3014,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2404 +#: sssd.conf.5.xml:2493 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2407 +#: sssd.conf.5.xml:2496 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2412 +#: sssd.conf.5.xml:2501 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2920,7 +3035,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2420 +#: sssd.conf.5.xml:2509 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2928,22 +3043,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2427 -msgid "Default: FALSE (TRUE if default_domain_suffix is used)" +#: sssd.conf.5.xml:2516 +msgid "" +"Default: FALSE (TRUE for trusted domain/sub-domains or if " +"default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2433 +#: sssd.conf.5.xml:2523 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2436 +#: sssd.conf.5.xml:2526 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 +#: sssd.conf.5.xml:2529 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2955,7 +3072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2457 +#: sssd.conf.5.xml:2547 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2963,19 +3080,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2468 +#: sssd.conf.5.xml:2558 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2471 +#: sssd.conf.5.xml:2561 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2475 sssd.conf.5.xml:2537 +#: sssd.conf.5.xml:2565 sssd.conf.5.xml:2627 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2983,7 +3100,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2572 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2991,35 +3108,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2506 +#: sssd.conf.5.xml:2596 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2509 +#: sssd.conf.5.xml:2599 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2513 +#: sssd.conf.5.xml:2603 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 +#: sssd.conf.5.xml:2606 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2522 +#: sssd.conf.5.xml:2612 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2525 +#: sssd.conf.5.xml:2615 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3027,19 +3144,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2621 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2624 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2561 +#: sssd.conf.5.xml:2651 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3048,7 +3165,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2568 +#: sssd.conf.5.xml:2658 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3056,29 +3173,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2665 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2578 +#: sssd.conf.5.xml:2668 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2673 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2586 +#: sssd.conf.5.xml:2676 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2591 +#: sssd.conf.5.xml:2681 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3086,7 +3203,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2689 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3094,35 +3211,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2714 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2718 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2631 +#: sssd.conf.5.xml:2721 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2638 +#: sssd.conf.5.xml:2728 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2641 +#: sssd.conf.5.xml:2731 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2735 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3130,32 +3247,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2653 +#: sssd.conf.5.xml:2743 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2657 +#: sssd.conf.5.xml:2747 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2661 +#: sssd.conf.5.xml:2751 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2664 sssd.conf.5.xml:2750 sssd.conf.5.xml:2820 -#: sssd.conf.5.xml:2845 +#: sssd.conf.5.xml:2754 sssd.conf.5.xml:2840 sssd.conf.5.xml:2910 +#: sssd.conf.5.xml:2935 sssd.conf.5.xml:2971 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2668 +#: sssd.conf.5.xml:2758 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3166,7 +3283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2773 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3175,12 +3292,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2693 +#: sssd.conf.5.xml:2783 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2786 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3188,7 +3305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2702 +#: sssd.conf.5.xml:2792 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3196,31 +3313,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2800 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2803 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2809 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2812 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2728 +#: sssd.conf.5.xml:2818 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3228,7 +3345,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2737 +#: sssd.conf.5.xml:2827 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3237,17 +3354,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2746 +#: sssd.conf.5.xml:2836 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2846 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2759 +#: sssd.conf.5.xml:2849 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3255,43 +3372,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2766 +#: sssd.conf.5.xml:2856 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2860 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2774 +#: sssd.conf.5.xml:2864 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2778 +#: sssd.conf.5.xml:2868 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2876 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2789 +#: sssd.conf.5.xml:2879 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2883 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3299,7 +3416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2890 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3307,7 +3424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2808 +#: sssd.conf.5.xml:2898 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3315,24 +3432,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2817 +#: sssd.conf.5.xml:2907 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2917 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2830 +#: sssd.conf.5.xml:2920 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2834 +#: sssd.conf.5.xml:2924 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3340,12 +3457,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2842 +#: sssd.conf.5.xml:2932 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2942 +msgid "resolver_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2945 +msgid "" +"The provider which should handle hosts and networks lookups. Supported " +"resolver providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2949 +msgid "" +"<quote>proxy</quote> to forward lookups to another NSS library. See " +"<quote>proxy_resolver_lib_name</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2953 +msgid "" +"<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2960 +msgid "" +"<quote>ad</quote> to fetch hosts and networks stored in AD. See " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring the AD " +"provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2968 +msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2855 +#: sssd.conf.5.xml:2981 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3355,7 +3513,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2990 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3364,29 +3522,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2869 +#: sssd.conf.5.xml:2995 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2872 +#: sssd.conf.5.xml:2998 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2875 +#: sssd.conf.5.xml:3001 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2878 +#: sssd.conf.5.xml:3004 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2883 +#: sssd.conf.5.xml:3009 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3394,7 +3552,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2889 +#: sssd.conf.5.xml:3015 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3404,59 +3562,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2940 +#: sssd.conf.5.xml:3066 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2946 +#: sssd.conf.5.xml:3072 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2949 +#: sssd.conf.5.xml:3075 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2953 +#: sssd.conf.5.xml:3079 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2962 +#: sssd.conf.5.xml:3088 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2965 +#: sssd.conf.5.xml:3091 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2968 +#: sssd.conf.5.xml:3094 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2974 +#: sssd.conf.5.xml:3100 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2977 +#: sssd.conf.5.xml:3103 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3465,77 +3623,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:3110 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 sssd-ldap.5.xml:436 sssd-ldap.5.xml:478 +#: sssd.conf.5.xml:3115 sssd-ldap.5.xml:453 sssd-ldap.5.xml:495 #: sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:3121 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2998 +#: sssd.conf.5.xml:3124 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3128 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3134 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3137 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3017 +#: sssd.conf.5.xml:3143 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3028 +#: sssd.conf.5.xml:3154 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3031 +#: sssd.conf.5.xml:3157 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3037 +#: sssd.conf.5.xml:3163 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3039 +#: sssd.conf.5.xml:3165 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3043 +#: sssd.conf.5.xml:3169 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:3172 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3543,7 +3701,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3020 +#: sssd.conf.5.xml:3146 msgid "" "Treat user and group names as case sensitive. <phrase condition=" "\"enable_local_provider\"> At the moment, this option is not supported in " @@ -3552,17 +3710,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3058 +#: sssd.conf.5.xml:3184 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3064 +#: sssd.conf.5.xml:3190 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3067 +#: sssd.conf.5.xml:3193 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3570,34 +3728,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3073 +#: sssd.conf.5.xml:3199 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3076 +#: sssd.conf.5.xml:3202 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3079 sssd-ldap.5.xml:383 +#: sssd.conf.5.xml:3205 sssd-ldap.5.xml:390 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3082 +#: sssd.conf.5.xml:3208 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:3211 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3091 +#: sssd.conf.5.xml:3217 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3605,32 +3763,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3089 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:3215 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3098 +#: sssd.conf.5.xml:3224 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3105 +#: sssd.conf.5.xml:3231 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3116 +#: sssd.conf.5.xml:3242 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3117 +#: sssd.conf.5.xml:3243 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3234 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3640,34 +3798,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3122 +#: sssd.conf.5.xml:3248 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3126 +#: sssd.conf.5.xml:3252 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3257 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3134 +#: sssd.conf.5.xml:3260 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3140 +#: sssd.conf.5.xml:3266 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3143 +#: sssd.conf.5.xml:3269 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3676,19 +3834,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3151 +#: sssd.conf.5.xml:3277 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3156 +#: sssd.conf.5.xml:3282 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3160 +#: sssd.conf.5.xml:3286 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3696,24 +3854,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3171 +#: sssd.conf.5.xml:3297 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3303 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3184 +#: sssd.conf.5.xml:3310 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3722,24 +3880,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3193 +#: sssd.conf.5.xml:3319 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3196 +#: sssd.conf.5.xml:3322 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3202 +#: sssd.conf.5.xml:3328 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3205 +#: sssd.conf.5.xml:3331 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -3749,14 +3907,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3225 +#: sssd.conf.5.xml:3351 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -3764,21 +3922,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3300 msgid "" "This option takes any of three available values: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3237 +#: sssd.conf.5.xml:3363 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3245 +#: sssd.conf.5.xml:3371 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -3786,7 +3944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3377 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -3795,7 +3953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3242 +#: sssd.conf.5.xml:3368 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -3804,7 +3962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1974 +#: sssd.conf.5.xml:2023 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3812,29 +3970,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3266 +#: sssd.conf.5.xml:3392 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3269 +#: sssd.conf.5.xml:3395 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3272 +#: sssd.conf.5.xml:3398 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3406 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3409 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3842,12 +4000,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3419 +msgid "proxy_resolver_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3422 +msgid "" +"The name of the NSS library to use for hosts and networks lookups in proxy " +"domains. The NSS functions searched for in the library are in the form of " +"_nss_$(libName)_$(function), for example _nss_dns_gethostbyname2_r." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3433 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3296 +#: sssd.conf.5.xml:3436 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3856,12 +4027,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3310 +#: sssd.conf.5.xml:3450 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3453 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3869,19 +4040,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3329 +#: sssd.conf.5.xml:3469 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3331 +#: sssd.conf.5.xml:3471 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3898,7 +4069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3351 +#: sssd.conf.5.xml:3491 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3906,17 +4077,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3357 +#: sssd.conf.5.xml:3497 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3359 +#: sssd.conf.5.xml:3499 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3502 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3925,7 +4096,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3376 +#: sssd.conf.5.xml:3516 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3935,7 +4106,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3384 +#: sssd.conf.5.xml:3524 #, no-wrap msgid "" "[sssd]\n" @@ -3955,12 +4126,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3402 +#: sssd.conf.5.xml:3542 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3404 +#: sssd.conf.5.xml:3544 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3968,73 +4139,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3551 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3414 +#: sssd.conf.5.xml:3554 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3558 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3423 +#: sssd.conf.5.xml:3563 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3566 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3431 +#: sssd.conf.5.xml:3571 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3576 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3439 +#: sssd.conf.5.xml:3579 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3443 sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3583 sssd.conf.5.xml:3595 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3448 +#: sssd.conf.5.xml:3588 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3451 +#: sssd.conf.5.xml:3591 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3460 +#: sssd.conf.5.xml:3600 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3463 +#: sssd.conf.5.xml:3603 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4042,17 +4213,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3471 +#: sssd.conf.5.xml:3611 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3476 +#: sssd.conf.5.xml:3616 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3479 +#: sssd.conf.5.xml:3619 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4061,17 +4232,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3629 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3494 +#: sssd.conf.5.xml:3634 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3497 +#: sssd.conf.5.xml:3637 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4079,17 +4250,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3504 +#: sssd.conf.5.xml:3644 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3509 +#: sssd.conf.5.xml:3649 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3512 +#: sssd.conf.5.xml:3652 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4097,17 +4268,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3518 +#: sssd.conf.5.xml:3658 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3668 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3530 +#: sssd.conf.5.xml:3670 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4118,69 +4289,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3537 +#: sssd.conf.5.xml:3677 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3678 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3539 +#: sssd.conf.5.xml:3679 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3540 +#: sssd.conf.5.xml:3680 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3541 +#: sssd.conf.5.xml:3681 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3542 +#: sssd.conf.5.xml:3682 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3543 +#: sssd.conf.5.xml:3683 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3544 +#: sssd.conf.5.xml:3684 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3545 +#: sssd.conf.5.xml:3685 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3546 sssd-ipa.5.xml:797 +#: sssd.conf.5.xml:3686 sssd-ipa.5.xml:796 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3548 +#: sssd.conf.5.xml:3688 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3554 +#: sssd.conf.5.xml:3694 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3556 +#: sssd.conf.5.xml:3696 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -4193,7 +4364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3570 +#: sssd.conf.5.xml:3710 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -4201,7 +4372,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3579 +#: sssd.conf.5.xml:3719 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -4210,55 +4381,55 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3586 +#: sssd.conf.5.xml:3726 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3589 +#: sssd.conf.5.xml:3729 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3593 +#: sssd.conf.5.xml:3733 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3600 +#: sssd.conf.5.xml:3740 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:3743 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3609 +#: sssd.conf.5.xml:3749 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3615 +#: sssd.conf.5.xml:3755 msgid "" "The RULE_NAME for the <quote>files</quote> provider which tries to find a " "user with the same name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3624 +#: sssd.conf.5.xml:3764 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3627 +#: sssd.conf.5.xml:3767 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -4267,17 +4438,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3634 +#: sssd.conf.5.xml:3774 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3639 +#: sssd.conf.5.xml:3779 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3642 +#: sssd.conf.5.xml:3782 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -4285,26 +4456,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3788 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3794 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3800 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3806 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -4313,17 +4484,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3675 +#: sssd.conf.5.xml:3815 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3683 +#: sssd.conf.5.xml:3823 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3685 +#: sssd.conf.5.xml:3825 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -4333,7 +4504,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3693 +#: sssd.conf.5.xml:3833 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -4342,59 +4513,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3705 +#: sssd.conf.5.xml:3845 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3708 +#: sssd.conf.5.xml:3848 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3849 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3707 +#: sssd.conf.5.xml:3847 msgid "" "to configure password prompting, allowed options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3717 +#: sssd.conf.5.xml:3857 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3721 +#: sssd.conf.5.xml:3861 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3722 +#: sssd.conf.5.xml:3862 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3725 +#: sssd.conf.5.xml:3865 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3726 +#: sssd.conf.5.xml:3866 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3729 +#: sssd.conf.5.xml:3869 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3870 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -4402,14 +4573,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3859 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3700 +#: sssd.conf.5.xml:3840 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder type=" @@ -4417,7 +4588,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3742 +#: sssd.conf.5.xml:3882 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -4425,12 +4596,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3749 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3889 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3755 +#: sssd.conf.5.xml:3895 #, no-wrap msgid "" "[sssd]\n" @@ -4460,7 +4631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3891 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4469,7 +4640,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3788 +#: sssd.conf.5.xml:3928 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4477,7 +4648,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3782 +#: sssd.conf.5.xml:3922 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4488,7 +4659,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3942 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -4502,7 +4673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3793 +#: sssd.conf.5.xml:3933 msgid "" "3. The following example shows the configuration for two certificate mapping " "rules. The first is valid for the configured domain <quote>my.domain</quote> " @@ -4652,7 +4823,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:132 sssd-ad.5.xml:286 sss_override.8.xml:137 +#: sssd-ldap.5.xml:132 sssd-ad.5.xml:288 sss_override.8.xml:137 #: sss_override.8.xml:234 sssd-ldap-attributes.5.xml:453 msgid "Examples:" msgstr "" @@ -4824,25 +4995,30 @@ msgstr "" msgid "Default: password" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "" +"See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> manual page for more information." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:285 +#: sssd-ldap.5.xml:293 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:288 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." +#: sssd-ldap.5.xml:296 +msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:295 +#: sssd-ldap.5.xml:302 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:298 +#: sssd-ldap.5.xml:305 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4851,24 +5027,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:311 +#: sssd-ldap.5.xml:318 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:314 +#: sssd-ldap.5.xml:321 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:332 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:328 +#: sssd-ldap.5.xml:335 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4876,7 +5052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:341 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4885,12 +5061,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:349 +#: sssd-ldap.5.xml:356 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:352 +#: sssd-ldap.5.xml:359 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4898,7 +5074,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:359 +#: sssd-ldap.5.xml:366 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4908,7 +5084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:368 +#: sssd-ldap.5.xml:375 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4918,34 +5094,34 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 include/failover.xml:100 +#: sssd-ldap.5.xml:384 include/failover.xml:100 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:393 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#: sssd-ldap.5.xml:398 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:397 +#: sssd-ldap.5.xml:404 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:400 +#: sssd-ldap.5.xml:407 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 +#: sssd-ldap.5.xml:411 sssd-ipa.5.xml:374 sssd-ipa.5.xml:393 sssd-ipa.5.xml:412 #: sssd-ipa.5.xml:431 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -4953,30 +5129,40 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:409 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:416 sssd-ipa.5.xml:379 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:416 +#: sssd-ldap.5.xml:423 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:421 -msgid "ldap_search_timeout (integer)" +#: sssd-ldap.5.xml:428 +msgid "ldap_iphost_search_base (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:424 -msgid "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:433 +msgid "ldap_ipnetwork_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:438 +msgid "ldap_search_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:441 +msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " "is entered)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:447 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4984,12 +5170,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:442 +#: sssd-ldap.5.xml:459 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:445 +#: sssd-ldap.5.xml:462 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4997,12 +5183,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:458 +#: sssd-ldap.5.xml:475 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:461 +#: sssd-ldap.5.xml:478 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5013,12 +5199,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:484 +#: sssd-ldap.5.xml:501 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 +#: sssd-ldap.5.xml:504 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5027,12 +5213,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:502 +#: sssd-ldap.5.xml:519 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:522 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5041,34 +5227,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:513 sssd-ldap.5.xml:1489 +#: sssd-ldap.5.xml:530 +msgid "" +"This timeout can be extended of a random value specified by " +"<emphasis>ldap_connection_expire_offset</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:1541 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:519 +#: sssd-ldap.5.xml:541 +msgid "ldap_connection_expire_offset (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"Random offset between 0 and configured value is added to " +"<emphasis>ldap_connection_expire_timeout</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 +#: sssd-ldap.5.xml:558 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:527 include/failover.xml:84 +#: sssd-ldap.5.xml:563 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:533 +#: sssd-ldap.5.xml:569 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:536 +#: sssd-ldap.5.xml:572 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5076,14 +5281,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:542 +#: sssd-ldap.5.xml:578 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:548 +#: sssd-ldap.5.xml:584 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5091,17 +5296,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:560 +#: sssd-ldap.5.xml:596 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:599 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:602 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5111,12 +5316,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:581 +#: sssd-ldap.5.xml:617 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:584 +#: sssd-ldap.5.xml:620 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5124,17 +5329,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 +#: sssd-ldap.5.xml:626 sssd-ldap.5.xml:642 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:633 +msgid "ldap_sasl_maxssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:636 +msgid "" +"When communicating with an LDAP server using SASL, specify the maximal " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:649 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:600 +#: sssd-ldap.5.xml:652 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5142,7 +5360,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:606 +#: sssd-ldap.5.xml:658 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -5153,7 +5371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:617 +#: sssd-ldap.5.xml:669 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5162,7 +5380,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 +#: sssd-ldap.5.xml:677 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5170,26 +5388,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:638 +#: sssd-ldap.5.xml:690 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:641 +#: sssd-ldap.5.xml:693 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:647 +#: sssd-ldap.5.xml:699 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:703 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5197,7 +5415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:658 +#: sssd-ldap.5.xml:710 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5205,7 +5423,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:664 +#: sssd-ldap.5.xml:716 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5213,41 +5431,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 +#: sssd-ldap.5.xml:722 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:674 +#: sssd-ldap.5.xml:726 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:680 +#: sssd-ldap.5.xml:732 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:735 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 sssd-ldap.5.xml:706 sssd-ldap.5.xml:747 +#: sssd-ldap.5.xml:740 sssd-ldap.5.xml:758 sssd-ldap.5.xml:799 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#: sssd-ldap.5.xml:747 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:750 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5256,32 +5474,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:713 +#: sssd-ldap.5.xml:765 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:716 +#: sssd-ldap.5.xml:768 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:726 +#: sssd-ldap.5.xml:778 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:729 +#: sssd-ldap.5.xml:781 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:738 +#: sssd-ldap.5.xml:790 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:741 +#: sssd-ldap.5.xml:793 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5289,24 +5507,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:754 +#: sssd-ldap.5.xml:806 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:757 +#: sssd-ldap.5.xml:809 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:767 +#: sssd-ldap.5.xml:819 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:770 +#: sssd-ldap.5.xml:822 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5314,17 +5532,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:776 +#: sssd-ldap.5.xml:828 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:786 +#: sssd-ldap.5.xml:838 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:789 +#: sssd-ldap.5.xml:841 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5335,24 +5553,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:801 +#: sssd-ldap.5.xml:853 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:807 +#: sssd-ldap.5.xml:859 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:810 +#: sssd-ldap.5.xml:862 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#: sssd-ldap.5.xml:866 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -5363,12 +5581,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:830 +#: sssd-ldap.5.xml:882 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:842 +#: sssd-ldap.5.xml:894 #, no-wrap msgid "" "hostname@REALM\n" @@ -5381,7 +5599,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:885 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -5393,17 +5611,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:853 +#: sssd-ldap.5.xml:905 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:859 +#: sssd-ldap.5.xml:911 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:914 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5411,49 +5629,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:920 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:926 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:929 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 +#: sssd-ldap.5.xml:934 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:888 +#: sssd-ldap.5.xml:940 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:891 +#: sssd-ldap.5.xml:943 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:895 +#: sssd-ldap.5.xml:947 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:953 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:904 +#: sssd-ldap.5.xml:956 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5461,28 +5679,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:916 +#: sssd-ldap.5.xml:968 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:919 +#: sssd-ldap.5.xml:971 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:923 sssd-ad.5.xml:1090 +#: sssd-ldap.5.xml:975 sssd-ad.5.xml:1121 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:929 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:981 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 +#: sssd-ldap.5.xml:984 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5494,7 +5712,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:944 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:996 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5502,7 +5720,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:949 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1001 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5510,39 +5728,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:958 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1010 sssd-ipa.5.xml:443 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#: sssd-ldap.5.xml:1013 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1017 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:971 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1023 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:974 +#: sssd-ldap.5.xml:1026 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:986 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1038 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:989 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1041 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5552,7 +5770,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1052 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5560,26 +5778,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1066 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1069 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1022 +#: sssd-ldap.5.xml:1074 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1079 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5587,7 +5805,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1085 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5595,31 +5813,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1042 +#: sssd-ldap.5.xml:1094 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1102 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1053 +#: sssd-ldap.5.xml:1105 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1057 +#: sssd-ldap.5.xml:1109 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1062 +#: sssd-ldap.5.xml:1114 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5628,56 +5846,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1076 +#: sssd-ldap.5.xml:1128 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1079 +#: sssd-ldap.5.xml:1131 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1135 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1089 +#: sssd-ldap.5.xml:1141 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 +#: sssd-ldap.5.xml:1144 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1097 +#: sssd-ldap.5.xml:1149 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1155 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1158 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1118 +#: sssd-ldap.5.xml:1170 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1121 +#: sssd-ldap.5.xml:1173 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5693,12 +5911,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1141 +#: sssd-ldap.5.xml:1193 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1196 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5707,14 +5925,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1200 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1205 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5723,24 +5941,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1213 sssd-ldap.5.xml:1270 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1219 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1222 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1226 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5748,19 +5966,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1181 +#: sssd-ldap.5.xml:1233 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1236 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1189 +#: sssd-ldap.5.xml:1241 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5769,7 +5987,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1248 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5777,7 +5995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1202 +#: sssd-ldap.5.xml:1254 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5786,7 +6004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1211 +#: sssd-ldap.5.xml:1263 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5794,22 +6012,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1276 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1227 +#: sssd-ldap.5.xml:1279 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 +#: sssd-ldap.5.xml:1283 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1234 +#: sssd-ldap.5.xml:1286 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5819,14 +6037,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1296 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1251 +#: sssd-ldap.5.xml:1303 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -5839,12 +6057,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1320 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1272 +#: sssd-ldap.5.xml:1324 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -5854,7 +6072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1334 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -5864,63 +6082,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1290 +#: sssd-ldap.5.xml:1342 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1294 +#: sssd-ldap.5.xml:1346 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1351 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1304 +#: sssd-ldap.5.xml:1356 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1308 +#: sssd-ldap.5.xml:1360 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1364 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1317 +#: sssd-ldap.5.xml:1369 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1320 +#: sssd-ldap.5.xml:1372 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1327 +#: sssd-ldap.5.xml:1379 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1330 +#: sssd-ldap.5.xml:1382 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -5929,74 +6147,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1338 +#: sssd-ldap.5.xml:1390 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 +#: sssd-ldap.5.xml:1393 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 +#: sssd-ldap.5.xml:1399 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1402 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1355 +#: sssd-ldap.5.xml:1407 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1359 +#: sssd-ldap.5.xml:1411 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1416 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1369 +#: sssd-ldap.5.xml:1421 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1374 +#: sssd-ldap.5.xml:1426 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1382 +#: sssd-ldap.5.xml:1434 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1385 +#: sssd-ldap.5.xml:1437 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1441 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6007,7 +6225,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1400 +#: sssd-ldap.5.xml:1452 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6015,24 +6233,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1412 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:1464 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1415 +#: sssd-ldap.5.xml:1467 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1419 +#: sssd-ldap.5.xml:1471 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1475 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6049,12 +6267,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1433 +#: sssd-ldap.5.xml:1485 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1435 +#: sssd-ldap.5.xml:1487 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6062,36 +6280,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1498 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1501 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1454 +#: sssd-ldap.5.xml:1506 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 +#: sssd-ldap.5.xml:1511 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1517 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 +#: sssd-ldap.5.xml:1520 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -6099,14 +6317,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1526 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1478 +#: sssd-ldap.5.xml:1530 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -6116,101 +6334,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1495 +#: sssd-ldap.5.xml:1547 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 +#: sssd-ldap.5.xml:1550 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1561 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 +#: sssd-ldap.5.xml:1564 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1569 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1522 sssd-ldap.5.xml:1545 sssd-ldap.5.xml:1563 -#: sssd-ldap.5.xml:1581 +#: sssd-ldap.5.xml:1574 sssd-ldap.5.xml:1597 sssd-ldap.5.xml:1615 +#: sssd-ldap.5.xml:1633 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1579 sssd-ldap.5.xml:1602 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1533 +#: sssd-ldap.5.xml:1585 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1536 +#: sssd-ldap.5.xml:1588 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1593 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1608 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1559 +#: sssd-ldap.5.xml:1611 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1574 +#: sssd-ldap.5.xml:1626 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1629 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1587 +#: sssd-ldap.5.xml:1639 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1651 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6219,59 +6437,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1661 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1663 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1669 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1672 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1675 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1686 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1693 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1646 +#: sssd-ldap.5.xml:1698 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1703 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1708 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1658 +#: sssd-ldap.5.xml:1710 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6280,22 +6498,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1717 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1667 +#: sssd-ldap.5.xml:1719 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1672 +#: sssd-ldap.5.xml:1724 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1688 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6304,14 +6522,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1687 sssd-simple.5.xml:131 sssd-ipa.5.xml:843 -#: sssd-ad.5.xml:1209 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1739 sssd-simple.5.xml:131 sssd-ipa.5.xml:842 +#: sssd-ad.5.xml:1240 sssd-krb5.5.xml:604 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:130 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1741 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6319,7 +6537,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1695 +#: sssd-ldap.5.xml:1747 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6332,27 +6550,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1694 sssd-ldap.5.xml:1712 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:851 sssd-ad.5.xml:1217 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 +#: sssd-ldap.5.xml:1746 sssd-ldap.5.xml:1764 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:850 sssd-ad.5.xml:1248 sssd-sudo.5.xml:56 sssd-krb5.5.xml:613 #: sssd-files.5.xml:137 sssd-files.5.xml:148 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1758 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1760 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1713 +#: sssd-ldap.5.xml:1765 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6368,13 +6586,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1728 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1232 sssd.8.xml:257 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:1780 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1263 sssd.8.xml:257 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1782 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6532,124 +6750,374 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:172 -msgid "<option>allow_missing_name</option>" +#: pam_sss.8.xml:172 +msgid "<option>allow_missing_name</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:176 +msgid "" +"The main purpose of this option is to let SSSD determine the user name based " +"on additional information, e.g. the certificate from a Smartcard." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> +#: pam_sss.8.xml:186 +#, no-wrap +msgid "" +"auth sufficient pam_sss.so allow_missing_name\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:181 +msgid "" +"The current use case are login managers which can monitor a Smartcard reader " +"for card events. In case a Smartcard is inserted the login manager will call " +"a PAM stack which includes a line like <placeholder type=\"programlisting\" " +"id=\"0\"/> In this case SSSD will try to determine the user name based on " +"the content of the Smartcard, returns it to pam_sss which will finally put " +"it on the PAM stack." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:196 +msgid "<option>prompt_always</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:200 +msgid "" +"Always prompt the user for credentials. With this option credentials " +"requested by other PAM modules, typically a password, will be ignored and " +"pam_sss will prompt for credentials again. Based on the pre-auth reply by " +"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " +"credentials." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:211 +msgid "<option>try_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:215 +msgid "" +"Try to use certificate based authentication, i.e. authentication with a " +"Smartcard or similar devices. If a Smartcard is available and the service is " +"allowed for Smartcard authentication the user will be prompted for a PIN and " +"the certificate based authentication will continue" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:223 +msgid "" +"If no Smartcard is available or certificate based authentication is not " +"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:231 +msgid "<option>require_cert_auth</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:235 +msgid "" +"Do certificate based authentication, i.e. authentication with a Smartcard " +"or similar devices. If a Smartcard is not available the user will be " +"prompted to insert one. SSSD will wait for a Smartcard until the timeout " +"defined by p11_wait_for_card_timeout passed, please see " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for details." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:245 +msgid "" +"If no Smartcard is available after the timeout or certificate based " +"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " +"is returned." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:255 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:256 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:259 +msgid "" +"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " +"not available, pam_sss will return PAM_USER_UNKNOWN when called as " +"<option>account</option> module to avoid issues with users from other " +"sources during access control." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:266 +msgid "RETURN VALUES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:269 +msgid "PAM_SUCCESS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:272 +msgid "The PAM operation finished successfully." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:277 +msgid "PAM_USER_UNKNOWN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:280 +msgid "" +"The user is not known to the authentication service or the SSSD's PAM " +"responder is not running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:286 +msgid "PAM_AUTH_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:289 +msgid "" +"Authentication failure. Also, could be returned when there is a problem with " +"getting the certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:295 +msgid "PAM_PERM_DENIED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:298 +msgid "" +"Permission denied. The SSSD log files may contain additional information " +"about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:304 +msgid "PAM_IGNORE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:307 +msgid "" +"See options <option>ignore_unknown_user</option> and " +"<option>ignore_authinfo_unavail</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:313 +msgid "PAM_AUTHTOK_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:316 +msgid "" +"Unable to obtain the new authentication token. Also, could be returned when " +"the user authenticates with certificates and multiple certificates are " +"available, but the installed version of GDM does not support selection from " +"multiple certificates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:324 +msgid "PAM_AUTHINFO_UNAVAIL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:327 +msgid "" +"Unable to access the authentication information. This might be due to a " +"network or hardware failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:333 +msgid "PAM_BUF_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:336 +msgid "" +"A memory error occurred. Also, could be returned when options use_first_pass " +"or use_authtok were set, but no password was found from the previously " +"stacked PAM module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:343 +msgid "PAM_SYSTEM_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:346 +msgid "" +"A system error occurred. The SSSD log files may contain additional " +"information about the error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:352 +msgid "PAM_CRED_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:355 +msgid "Unable to set the credentials of the user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:360 +msgid "PAM_CRED_INSUFFICIENT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:363 +msgid "" +"The application does not have sufficient credentials to authenticate the " +"user. For example, missing PIN during smartcard authentication or missing " +"factor during two-factor authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:371 +msgid "PAM_SERVICE_ERR" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:374 +msgid "Error in service module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:379 +msgid "PAM_NEW_AUTHTOK_REQD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:382 +msgid "The user's authentication token has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:387 +msgid "PAM_ACCT_EXPIRED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:390 +msgid "The user account has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:395 +msgid "PAM_SESSION_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:176 -msgid "" -"The main purpose of this option is to let SSSD determine the user name based " -"on additional information, e.g. the certificate from a Smartcard." +#: pam_sss.8.xml:398 +msgid "Unable to fetch IPA Desktop Profile rules or user info." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><programlisting> -#: pam_sss.8.xml:186 -#, no-wrap -msgid "" -"auth sufficient pam_sss.so allow_missing_name\n" -" " +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:403 +msgid "PAM_CRED_UNAVAIL" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:181 -msgid "" -"The current use case are login managers which can monitor a Smartcard reader " -"for card events. In case a Smartcard is inserted the login manager will call " -"a PAM stack which includes a line like <placeholder type=\"programlisting\" " -"id=\"0\"/> In this case SSSD will try to determine the user name based on " -"the content of the Smartcard, returns it to pam_sss which will finally put " -"it on the PAM stack." +#: pam_sss.8.xml:406 +msgid "Unable to retrieve Kerberos user credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:196 -msgid "<option>prompt_always</option>" +#: pam_sss.8.xml:411 +msgid "PAM_NO_MODULE_DATA" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:200 +#: pam_sss.8.xml:414 msgid "" -"Always prompt the user for credentials. With this option credentials " -"requested by other PAM modules, typically a password, will be ignored and " -"pam_sss will prompt for credentials again. Based on the pre-auth reply by " -"SSSD pam_sss might prompt for a password, a Smartcard PIN or other " -"credentials." +"No authentication method was found by Kerberos. This might happen if the " +"user has a Smartcard assigned but the pkint plugin is not available on the " +"client." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:211 -msgid "<option>try_cert_auth</option>" +#: pam_sss.8.xml:421 +msgid "PAM_CONV_ERR" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:215 -msgid "" -"Try to use certificate based authentication, i.e. authentication with a " -"Smartcard or similar devices. If a Smartcard is available and the service is " -"allowed for Smartcard authentication the user will be prompted for a PIN and " -"the certificate based authentication will continue" +#: pam_sss.8.xml:424 +msgid "Conversation failure." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:429 +msgid "PAM_AUTHTOK_LOCK_BUSY" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:223 -msgid "" -"If no Smartcard is available or certificate based authentication is not " -"allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#: pam_sss.8.xml:432 +msgid "No KDC suitable for password change is available." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:231 -msgid "<option>require_cert_auth</option>" +#: pam_sss.8.xml:437 +msgid "PAM_ABORT" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:235 -msgid "" -"Do certificate based authentication, i.e. authentication with a Smartcard " -"or similar devices. If a Smartcard is not available the user will be " -"prompted to insert one. SSSD will wait for a Smartcard until the timeout " -"defined by p11_wait_for_card_timeout passed, please see " -"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for details." +#: pam_sss.8.xml:440 +msgid "Unknown PAM call." msgstr "" -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:245 -msgid "" -"If no Smartcard is available after the timeout or certificate based " -"authentication is not allowed for the current service PAM_AUTHINFO_UNAVAIL " -"is returned." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:445 +msgid "PAM_MODULE_UNKNOWN" msgstr "" -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:255 -msgid "MODULE TYPES PROVIDED" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:448 +msgid "Unsupported PAM task or command." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:256 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:453 +msgid "PAM_BAD_ITEM" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:259 -msgid "" -"If SSSD's PAM responder is not running, e.g. if the PAM responder socket is " -"not available, pam_sss will return PAM_USER_UNKNOWN when called as " -"<option>account</option> module to avoid issues with users from other " -"sources during access control." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:456 +msgid "The authentication module cannot handle Smartcard credentials." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:266 +#: pam_sss.8.xml:464 msgid "FILES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:267 +#: pam_sss.8.xml:465 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " "does not support password resets, an individual message can be displayed. " @@ -6657,7 +7125,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:272 +#: pam_sss.8.xml:470 msgid "" "The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" "filename> where LOC stands for a locale string returned by <citerefentry> " @@ -6669,7 +7137,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:282 +#: pam_sss.8.xml:480 msgid "" "These files are searched in the directory <filename>/etc/sssd/customize/" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " @@ -7064,168 +7532,181 @@ msgstr "" msgid "Example: <SUBJECT>.*,DC=MY,DC=DOMAIN" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:96 +msgid "" +"Please note that the characters \"^.[$()|*+?{\\\" have a special meaning in " +"regular expressions and must be escaped with the help of the '\\' character " +"so that they are matched as ordinary characters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sss-certmap.5.xml:102 +msgid "Example: <SUBJECT>^CN=.* \\(Admin\\),DC=MY,DC=DOMAIN$" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:98 +#: sss-certmap.5.xml:107 msgid "<ISSUER>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:101 +#: sss-certmap.5.xml:110 msgid "" "With this a part or the whole issuer name of the certificate can be matched. " "All comments for <SUBJECT> apply her as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:106 +#: sss-certmap.5.xml:115 msgid "Example: <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:111 +#: sss-certmap.5.xml:120 msgid "<KU>key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:114 +#: sss-certmap.5.xml:123 msgid "" "This option can be used to specify which key usage values the certificate " "should have. The following values can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:118 +#: sss-certmap.5.xml:127 msgid "digitalSignature" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:119 +#: sss-certmap.5.xml:128 msgid "nonRepudiation" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:120 +#: sss-certmap.5.xml:129 msgid "keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:121 +#: sss-certmap.5.xml:130 msgid "dataEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:122 +#: sss-certmap.5.xml:131 msgid "keyAgreement" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:123 +#: sss-certmap.5.xml:132 msgid "keyCertSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:124 +#: sss-certmap.5.xml:133 msgid "cRLSign" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:125 +#: sss-certmap.5.xml:134 msgid "encipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:126 +#: sss-certmap.5.xml:135 msgid "decipherOnly" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:130 +#: sss-certmap.5.xml:139 msgid "" "A numerical value in the range of a 32bit unsigned integer can be used as " "well to cover special use cases." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:134 +#: sss-certmap.5.xml:143 msgid "Example: <KU>digitalSignature,keyEncipherment" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:139 +#: sss-certmap.5.xml:148 msgid "<EKU>extended-key-usage" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:142 +#: sss-certmap.5.xml:151 msgid "" "This option can be used to specify which extended key usage the certificate " "should have. The following value can be used in a comma separated list:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:146 +#: sss-certmap.5.xml:155 msgid "serverAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:147 +#: sss-certmap.5.xml:156 msgid "clientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:148 +#: sss-certmap.5.xml:157 msgid "codeSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:149 +#: sss-certmap.5.xml:158 msgid "emailProtection" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:150 +#: sss-certmap.5.xml:159 msgid "timeStamping" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:151 +#: sss-certmap.5.xml:160 msgid "OCSPSigning" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:152 +#: sss-certmap.5.xml:161 msgid "KPClientAuth" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:153 +#: sss-certmap.5.xml:162 msgid "pkinit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sss-certmap.5.xml:154 +#: sss-certmap.5.xml:163 msgid "msScLogin" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:158 +#: sss-certmap.5.xml:167 msgid "" "Extended key usages which are not listed above can be specified with their " "OID in dotted-decimal notation." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:162 +#: sss-certmap.5.xml:171 msgid "Example: <EKU>clientAuth,1.3.6.1.5.2.3.4" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:167 +#: sss-certmap.5.xml:176 msgid "<SAN>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:170 +#: sss-certmap.5.xml:179 msgid "" "To be compatible with the usage of MIT Kerberos this option will match the " "Kerberos principals in the PKINIT or AD NT Principal SAN as <SAN:" @@ -7233,62 +7714,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:175 +#: sss-certmap.5.xml:184 msgid "Example: <SAN>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:180 +#: sss-certmap.5.xml:189 msgid "<SAN:Principal>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:183 +#: sss-certmap.5.xml:192 msgid "Match the Kerberos principals in the PKINIT or AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:187 +#: sss-certmap.5.xml:196 msgid "Example: <SAN:Principal>.*@MY\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:192 +#: sss-certmap.5.xml:201 msgid "<SAN:ntPrincipalName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:195 +#: sss-certmap.5.xml:204 msgid "Match the Kerberos principals from the AD NT Principal SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:199 +#: sss-certmap.5.xml:208 msgid "Example: <SAN:ntPrincipalName>.*@MY.AD.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:204 +#: sss-certmap.5.xml:213 msgid "<SAN:pkinit>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:207 +#: sss-certmap.5.xml:216 msgid "Match the Kerberos principals from the PKINIT SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:210 +#: sss-certmap.5.xml:219 msgid "Example: <SAN:ntPrincipalName>.*@MY\\.PKINIT\\.REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:215 +#: sss-certmap.5.xml:224 msgid "<SAN:dotted-decimal-oid>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:218 +#: sss-certmap.5.xml:227 msgid "" "Take the value of the otherName SAN component given by the OID in dotted-" "decimal notation, interpret it as string and try to match it against the " @@ -7296,17 +7777,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:224 +#: sss-certmap.5.xml:233 msgid "Example: <SAN:1.2.3.4>test" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:229 +#: sss-certmap.5.xml:238 msgid "<SAN:otherName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:232 +#: sss-certmap.5.xml:241 msgid "" "Do a binary match with the base64 encoded blob against all otherName SAN " "components. With this option it is possible to match against custom " @@ -7315,129 +7796,129 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:239 +#: sss-certmap.5.xml:248 msgid "Example: <SAN:otherName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:244 +#: sss-certmap.5.xml:253 msgid "<SAN:rfc822Name>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:247 +#: sss-certmap.5.xml:256 msgid "Match the value of the rfc822Name SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:250 +#: sss-certmap.5.xml:259 msgid "Example: <SAN:rfc822Name>.*@email\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:255 +#: sss-certmap.5.xml:264 msgid "<SAN:dNSName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:258 +#: sss-certmap.5.xml:267 msgid "Match the value of the dNSName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:261 +#: sss-certmap.5.xml:270 msgid "Example: <SAN:dNSName>.*\\.my\\.dns\\.domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:266 +#: sss-certmap.5.xml:275 msgid "<SAN:x400Address>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:269 +#: sss-certmap.5.xml:278 msgid "Binary match the value of the x400Address SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:272 +#: sss-certmap.5.xml:281 msgid "Example: <SAN:x400Address>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:277 +#: sss-certmap.5.xml:286 msgid "<SAN:directoryName>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:280 +#: sss-certmap.5.xml:289 msgid "" "Match the value of the directoryName SAN. The same comments as given for <" "ISSUER> and <SUBJECT> apply here as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:285 +#: sss-certmap.5.xml:294 msgid "Example: <SAN:directoryName>.*,DC=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:290 +#: sss-certmap.5.xml:299 msgid "<SAN:ediPartyName>base64-string" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:293 +#: sss-certmap.5.xml:302 msgid "Binary match the value of the ediPartyName SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:296 +#: sss-certmap.5.xml:305 msgid "Example: <SAN:ediPartyName>MTIz" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:301 +#: sss-certmap.5.xml:310 msgid "<SAN:uniformResourceIdentifier>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:304 +#: sss-certmap.5.xml:313 msgid "Match the value of the uniformResourceIdentifier SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:307 +#: sss-certmap.5.xml:316 msgid "Example: <SAN:uniformResourceIdentifier>URN:.*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:312 +#: sss-certmap.5.xml:321 msgid "<SAN:iPAddress>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:315 +#: sss-certmap.5.xml:324 msgid "Match the value of the iPAddress SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:318 +#: sss-certmap.5.xml:327 msgid "Example: <SAN:iPAddress>192\\.168\\..*" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:323 +#: sss-certmap.5.xml:332 msgid "<SAN:registeredID>regular-expression" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:326 +#: sss-certmap.5.xml:335 msgid "Match the value of the registeredID SAN as dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:330 +#: sss-certmap.5.xml:339 msgid "Example: <SAN:registeredID>1\\.2\\.3\\..*" msgstr "" @@ -7448,12 +7929,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:338 +#: sss-certmap.5.xml:347 msgid "MAPPING RULE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:340 +#: sss-certmap.5.xml:349 msgid "" "The mapping rule is used to associate a certificate with one or more " "accounts. A Smartcard with the certificate and the matching private key can " @@ -7461,7 +7942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:345 +#: sss-certmap.5.xml:354 msgid "" "Currently SSSD basically only supports LDAP to lookup user information (the " "exception is the proxy provider which is not of relevance here). Because of " @@ -7473,7 +7954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:355 +#: sss-certmap.5.xml:364 msgid "" "In general it is recommended to use attributes from the certificate and add " "them to special attributes to the LDAP user object. E.g. the " @@ -7482,7 +7963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:361 +#: sss-certmap.5.xml:370 msgid "" "This should be preferred to read user specific data from the certificate " "like e.g. an email address and search for it in the LDAP server. The reason " @@ -7492,12 +7973,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:376 +#: sss-certmap.5.xml:385 msgid "{issuer_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:379 +#: sss-certmap.5.xml:388 msgid "" "This template will add the full issuer DN converted to a string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7505,40 +7986,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:385 sss-certmap.5.xml:411 +#: sss-certmap.5.xml:394 sss-certmap.5.xml:420 msgid "" "The conversion options starting with 'ad_' will use attribute names as used " "by AD, e.g. 'S' instead of 'ST'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:389 sss-certmap.5.xml:415 +#: sss-certmap.5.xml:398 sss-certmap.5.xml:424 msgid "" "The conversion options starting with 'nss_' will use attribute names as used " "by NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:393 sss-certmap.5.xml:419 +#: sss-certmap.5.xml:402 sss-certmap.5.xml:428 msgid "" "The default conversion option is 'nss', i.e. attribute names according to " "NSS and LDAP/RFC 4514 ordering." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:397 +#: sss-certmap.5.xml:406 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!ad}<S>{subject_dn!" "ad})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:402 +#: sss-certmap.5.xml:411 msgid "{subject_dn[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:405 +#: sss-certmap.5.xml:414 msgid "" "This template will add the full subject DN converted to string according to " "RFC 4514. If X.500 ordering (most specific RDN comes last) an option with " @@ -7546,19 +8027,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:423 +#: sss-certmap.5.xml:432 msgid "" "Example: (ipacertmapdata=X509:<I>{issuer_dn!nss_x500}<S>" "{subject_dn!nss_x500})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:428 +#: sss-certmap.5.xml:437 msgid "{cert[!(bin|base64)]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:431 +#: sss-certmap.5.xml:440 msgid "" "This template will add the whole DER encoded certificate as a string to the " "search filter. Depending on the conversion option the binary certificate is " @@ -7568,17 +8049,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:439 +#: sss-certmap.5.xml:448 msgid "Example: (userCertificate;binary={cert!bin})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:444 +#: sss-certmap.5.xml:453 msgid "{subject_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:447 +#: sss-certmap.5.xml:456 msgid "" "This template will add the Kerberos principal which is taken either from the " "SAN used by pkinit or the one used by AD. The 'short_name' component " @@ -7586,19 +8067,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:453 sss-certmap.5.xml:481 +#: sss-certmap.5.xml:462 sss-certmap.5.xml:490 msgid "" "Example: (|(userPrincipal={subject_principal})" "(samAccountName={subject_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:458 +#: sss-certmap.5.xml:467 msgid "{subject_pkinit_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:461 +#: sss-certmap.5.xml:470 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by pkinit. The 'short_name' component represents the first part of the " @@ -7606,19 +8087,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:467 +#: sss-certmap.5.xml:476 msgid "" "Example: (|(userPrincipal={subject_pkinit_principal})" "(uid={subject_pkinit_principal.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:472 +#: sss-certmap.5.xml:481 msgid "{subject_nt_principal[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:475 +#: sss-certmap.5.xml:484 msgid "" "This template will add the Kerberos principal which is given by the SAN used " "by AD. The 'short_name' component represent the first part of the principal " @@ -7626,12 +8107,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:486 +#: sss-certmap.5.xml:495 msgid "{subject_rfc822_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:489 +#: sss-certmap.5.xml:498 msgid "" "This template will add the string which is stored in the rfc822Name " "component of the SAN, typically an email address. The 'short_name' component " @@ -7639,19 +8120,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:495 +#: sss-certmap.5.xml:504 msgid "" "Example: (|(mail={subject_rfc822_name})(uid={subject_rfc822_name." "short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:500 +#: sss-certmap.5.xml:509 msgid "{subject_dns_name[.short_name]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:503 +#: sss-certmap.5.xml:512 msgid "" "This template will add the string which is stored in the dNSName component " "of the SAN, typically a fully-qualified host name. The 'short_name' " @@ -7659,116 +8140,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:509 +#: sss-certmap.5.xml:518 msgid "" "Example: (|(fqdn={subject_dns_name})(host={subject_dns_name.short_name}))" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:514 +#: sss-certmap.5.xml:523 msgid "{subject_uri}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:517 +#: sss-certmap.5.xml:526 msgid "" "This template will add the string which is stored in the " "uniformResourceIdentifier component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:521 +#: sss-certmap.5.xml:530 msgid "Example: (uri={subject_uri})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:526 +#: sss-certmap.5.xml:535 msgid "{subject_ip_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:529 +#: sss-certmap.5.xml:538 msgid "" "This template will add the string which is stored in the iPAddress component " "of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:533 +#: sss-certmap.5.xml:542 msgid "Example: (ip={subject_ip_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:538 +#: sss-certmap.5.xml:547 msgid "{subject_x400_address}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:541 +#: sss-certmap.5.xml:550 msgid "" "This template will add the value which is stored in the x400Address " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:546 +#: sss-certmap.5.xml:555 msgid "Example: (attr:binary={subject_x400_address})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:551 +#: sss-certmap.5.xml:560 msgid "" "{subject_directory_name[!((ad|ad_x500)|ad_ldap|nss_x500|(nss|nss_ldap))]}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:554 +#: sss-certmap.5.xml:563 msgid "" "This template will add the DN string of the value which is stored in the " "directoryName component of the SAN." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:558 +#: sss-certmap.5.xml:567 msgid "Example: (orig_dn={subject_directory_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:563 +#: sss-certmap.5.xml:572 msgid "{subject_ediparty_name}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:566 +#: sss-certmap.5.xml:575 msgid "" "This template will add the value which is stored in the ediPartyName " "component of the SAN as escaped hex sequence." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:571 +#: sss-certmap.5.xml:580 msgid "Example: (attr:binary={subject_ediparty_name})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sss-certmap.5.xml:576 +#: sss-certmap.5.xml:585 msgid "{subject_registered_id}" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:579 +#: sss-certmap.5.xml:588 msgid "" "This template will add the OID which is stored in the registeredID component " "of the SAN as a dotted-decimal string." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sss-certmap.5.xml:584 +#: sss-certmap.5.xml:593 msgid "Example: (oid={subject_registered_id})" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:369 +#: sss-certmap.5.xml:378 msgid "" "The templates to add certificate data to the search filter are based on " "Python-style formatting strings. They consist of a keyword in curly braces " @@ -7778,12 +8259,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sss-certmap.5.xml:592 +#: sss-certmap.5.xml:601 msgid "DOMAIN LIST" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sss-certmap.5.xml:594 +#: sss-certmap.5.xml:603 msgid "" "If the domain list is not empty users mapped to a given certificate are not " "only searched in the local domain but in the listed domains as well as long " @@ -7904,7 +8385,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:1050 msgid "dyndns_update (boolean)" msgstr "" @@ -7919,7 +8400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1033 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:1064 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -7934,12 +8415,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1044 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:1075 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1047 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:1078 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -7960,12 +8441,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1058 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:1089 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1061 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:1092 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -7989,17 +8470,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1072 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:1103 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1123 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:1154 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1126 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:1157 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8007,7 +8488,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1132 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1163 msgid "Default: GSS-TSIG" msgstr "" @@ -8017,7 +8498,7 @@ msgid "ipa_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 +#: sssd-ipa.5.xml:221 sssd-ad.5.xml:215 msgid "Enables DNS sites - location based service discovery." msgstr "" @@ -8034,7 +8515,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1078 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:1109 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8047,12 +8528,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1096 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1127 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1099 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:1130 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8071,60 +8552,60 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1110 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:1141 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1113 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:1144 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1117 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:1148 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1138 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1169 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1141 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1172 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1146 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1177 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1151 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1182 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1156 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1187 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1162 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1193 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1165 +#: sssd-ipa.5.xml:320 sssd-ad.5.xml:1196 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -8238,26 +8719,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1180 +#: sssd-ipa.5.xml:458 sssd-ad.5.xml:1211 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1183 +#: sssd-ipa.5.xml:461 sssd-ad.5.xml:1214 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1187 +#: sssd-ipa.5.xml:465 sssd-ad.5.xml:1218 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1191 +#: sssd-ipa.5.xml:469 sssd-ad.5.xml:1222 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8276,7 +8757,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:522 +#: sssd-ipa.5.xml:486 sssd-ipa.5.xml:516 sssd-ipa.5.xml:532 sssd-ad.5.xml:517 msgid "Default: 5 (seconds)" msgstr "" @@ -8413,6 +8894,7 @@ msgstr "" #: sssd-ipa.5.xml:622 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:813 sssd-ldap-attributes.5.xml:894 #: sssd-ldap-attributes.5.xml:991 sssd-ldap-attributes.5.xml:1049 +#: sssd-ldap-attributes.5.xml:1207 sssd-ldap-attributes.5.xml:1252 msgid "Default: cn" msgstr "" @@ -8585,7 +9067,7 @@ msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:753 +#: sssd-ipa.5.xml:755 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -8595,88 +9077,88 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:749 msgid "" -"Some configuration options can be also set for a trusted domain. A trusted " -"domain configuration can either be done using a subsection, for example: " -"<placeholder type=\"programlisting\" id=\"0\"/>" +"Some configuration options can also be set for a trusted domain. A trusted " +"domain configuration can be set using the trusted domain subsection as shown " +"in the example below. Alternatively, the <quote>subdomain_inherit</quote> " +"option can be used in the parent domain. <placeholder type=\"programlisting" +"\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:760 msgid "" -"In addition, some options can be set in the parent domain and inherited by " -"the trusted domain using the <quote>subdomain_inherit</quote> option. For " -"more details, see the <citerefentry> <refentrytitle>sssd.conf</" +"For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:768 +#: sssd-ipa.5.xml:767 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:773 +#: sssd-ipa.5.xml:772 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:774 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:779 sssd-ipa.5.xml:809 +#: sssd-ipa.5.xml:778 sssd-ipa.5.xml:808 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:782 +#: sssd-ipa.5.xml:781 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:785 sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:784 sssd-ipa.5.xml:811 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:788 +#: sssd-ipa.5.xml:787 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:791 +#: sssd-ipa.5.xml:790 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:794 +#: sssd-ipa.5.xml:793 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:803 +#: sssd-ipa.5.xml:802 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:805 +#: sssd-ipa.5.xml:804 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:817 +#: sssd-ipa.5.xml:816 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:821 +#: sssd-ipa.5.xml:820 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -8690,7 +9172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:845 +#: sssd-ipa.5.xml:844 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -8698,7 +9180,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:852 +#: sssd-ipa.5.xml:851 #, no-wrap msgid "" "[domain/example.com]\n" @@ -8923,25 +9405,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:196 msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the Active Directory domain to identify this " -"host." +"Optional. On machines where the hostname(5) does not reflect the fully " +"qualified name, sssd will try to expand the short name. If it is not " +"possible or the short name should be really used instead, set this parameter " +"explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:202 +#: sssd-ad.5.xml:203 msgid "" -"This field is used to determine the host principal in use in the keytab. It " -"must match the hostname for which the keytab was issued." +"This field is used to determine the host principal in use in the keytab and " +"to perform dynamic DNS updates. It must match the hostname for which the " +"keytab was issued." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:210 +#: sssd-ad.5.xml:212 msgid "ad_enable_dns_sites (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:217 +#: sssd-ad.5.xml:219 msgid "" "If true and service discovery (see Service Discovery paragraph at the bottom " "of the man page) is enabled, the SSSD will first attempt to discover the " @@ -8952,12 +9436,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:233 +#: sssd-ad.5.xml:235 msgid "ad_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:236 +#: sssd-ad.5.xml:238 msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the <quote>access_provider</" @@ -8966,7 +9450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:244 +#: sssd-ad.5.xml:246 msgid "" "The option also supports specifying different filters per domain or forest. " "This extended filter would consist of: <quote>KEYWORD:NAME:FILTER</quote>. " @@ -8975,7 +9459,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:252 +#: sssd-ad.5.xml:254 msgid "" "If the keyword equals to <quote>DOM</quote> or is missing, then <quote>NAME</" "quote> specifies the domain or subdomain the filter applies to. If the " @@ -8984,14 +9468,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:260 +#: sssd-ad.5.xml:262 msgid "" "Multiple filters can be separated with the <quote>?</quote> character, " "similarly to how search bases work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:265 +#: sssd-ad.5.xml:267 msgid "" "Nested group membership must be searched for using a special OID " "<quote>:1.2.840.113556.1.4.1941:</quote> in addition to the full DOM:domain." @@ -9004,7 +9488,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:280 msgid "" "The most specific match is always used. For example, if the option specified " "filter for a domain the user is a member of and a global filter, the per-" @@ -9013,7 +9497,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ad.5.xml:289 +#: sssd-ad.5.xml:291 #, no-wrap msgid "" "# apply filter on domain called dom1 only:\n" @@ -9031,24 +9515,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:308 +#: sssd-ad.5.xml:310 msgid "ad_site (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:311 +#: sssd-ad.5.xml:313 msgid "" "Specify AD site to which client should try to connect. If this option is " "not provided, the AD site will be auto-discovered." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:322 +#: sssd-ad.5.xml:324 msgid "ad_enable_gc (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:325 +#: sssd-ad.5.xml:327 msgid "" "By default, the SSSD connects to the Global Catalog first to retrieve users " "from trusted domains and uses the LDAP port to retrieve group memberships or " @@ -9057,7 +9541,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:333 +#: sssd-ad.5.xml:335 msgid "" "Please note that disabling Global Catalog support does not disable " "retrieving users from trusted domains. The SSSD would connect to the LDAP " @@ -9066,12 +9550,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:347 +#: sssd-ad.5.xml:349 msgid "ad_gpo_access_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:350 +#: sssd-ad.5.xml:352 msgid "" "This option specifies the operation mode for GPO-based access control " "functionality: whether it operates in disabled mode, enforcing mode, or " @@ -9081,7 +9565,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:361 msgid "" "GPO-based access control functionality uses GPO policy settings to determine " "whether or not a particular user is allowed to logon to the host. For more " @@ -9090,16 +9574,16 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:367 +#: sssd-ad.5.xml:369 msgid "" "Please note that current version of SSSD does not support Active Directory's " "built-in groups. Built-in groups (such as Administrators with SID " "S-1-5-32-544) in GPO access control rules will be ignored by SSSD. See " -"upstream issue tracker https://pagure.io/SSSD/sssd/issue/4099 ." +"upstream issue tracker https://github.com/SSSD/sssd/issues/5063 ." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:376 +#: sssd-ad.5.xml:378 msgid "" "Before performing access control SSSD applies group policy security " "filtering on the GPOs. For every single user login, the applicability of the " @@ -9109,21 +9593,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:388 msgid "" "Read: The user or one of its groups must have read access to the properties " "of the GPO (RIGHT_DS_READ_PROPERTY)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:393 +#: sssd-ad.5.xml:395 msgid "" "Apply Group Policy: The user or at least one of its groups must be allowed " "to apply the GPO (RIGHT_DS_CONTROL_ACCESS)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:401 +#: sssd-ad.5.xml:403 msgid "" "By default, the Authenticated Users group is present on a GPO and this group " "has both Read and Apply Group Policy access rights. Since authentication of " @@ -9133,15 +9617,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:410 -msgid "" -"NOTE: The current version of SSSD does not support host (computer) entries " -"in the GPO 'Security Filtering' list. Only user and group entries are " -"supported. Host entries in the list have no effect." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:417 +#: sssd-ad.5.xml:412 msgid "" "NOTE: If the operation mode is set to enforcing, it is possible that users " "that were previously allowed logon access will now be denied logon access " @@ -9156,23 +9632,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:436 +#: sssd-ad.5.xml:431 msgid "There are three supported values for this option:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:435 msgid "" "disabled: GPO-based access control rules are neither evaluated nor enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:441 msgid "enforcing: GPO-based access control rules are evaluated and enforced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:452 +#: sssd-ad.5.xml:447 msgid "" "permissive: GPO-based access control rules are evaluated, but not enforced. " "Instead, a syslog message will be emitted indicating that the user would " @@ -9180,22 +9656,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:463 +#: sssd-ad.5.xml:458 msgid "Default: permissive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:466 +#: sssd-ad.5.xml:461 msgid "Default: enforcing" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:472 +#: sssd-ad.5.xml:467 msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:475 +#: sssd-ad.5.xml:470 msgid "" "Normally when no applicable GPOs are found the users are allowed access. " "When this option is set to True users will be allowed access only when " @@ -9206,12 +9682,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:492 +#: sssd-ad.5.xml:487 msgid "ad_gpo_ignore_unreadable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:495 +#: sssd-ad.5.xml:490 msgid "" "Normally when some group policy containers (AD object) of applicable group " "policy objects are not readable by SSSD then users are denied access. This " @@ -9221,12 +9697,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:512 +#: sssd-ad.5.xml:507 msgid "ad_gpo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:515 +#: sssd-ad.5.xml:510 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -9234,12 +9710,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:528 +#: sssd-ad.5.xml:523 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:531 +#: sssd-ad.5.xml:526 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9255,14 +9731,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:549 +#: sssd-ad.5.xml:544 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:563 +#: sssd-ad.5.xml:558 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9270,7 +9746,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:554 +#: sssd-ad.5.xml:549 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9282,42 +9758,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:586 +#: sssd-ad.5.xml:581 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:606 +#: sssd-ad.5.xml:601 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:611 +#: sssd-ad.5.xml:606 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:616 +#: sssd-ad.5.xml:611 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:621 +#: sssd-ad.5.xml:616 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:626 +#: sssd-ad.5.xml:621 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:635 +#: sssd-ad.5.xml:630 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:633 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9333,7 +9809,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:657 +#: sssd-ad.5.xml:652 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9341,7 +9817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:672 +#: sssd-ad.5.xml:667 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9349,7 +9825,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:663 +#: sssd-ad.5.xml:658 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9361,22 +9837,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:680 +#: sssd-ad.5.xml:675 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:685 +#: sssd-ad.5.xml:680 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:694 +#: sssd-ad.5.xml:689 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:697 +#: sssd-ad.5.xml:692 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9392,7 +9868,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:715 +#: sssd-ad.5.xml:710 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9400,7 +9876,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:730 +#: sssd-ad.5.xml:725 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9408,7 +9884,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:716 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9420,22 +9896,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:738 +#: sssd-ad.5.xml:733 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:743 +#: sssd-ad.5.xml:738 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:752 +#: sssd-ad.5.xml:747 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:755 +#: sssd-ad.5.xml:750 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9450,14 +9926,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:773 +#: sssd-ad.5.xml:768 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:782 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9465,7 +9941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:778 +#: sssd-ad.5.xml:773 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9477,23 +9953,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:790 +#: sssd-ad.5.xml:785 msgid "" "Note: Cron service name may differ depending on Linux distribution used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:791 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:805 +#: sssd-ad.5.xml:800 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:808 +#: sssd-ad.5.xml:803 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9509,14 +9985,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:826 +#: sssd-ad.5.xml:821 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:839 +#: sssd-ad.5.xml:834 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9524,7 +10000,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:831 sssd-ad.5.xml:906 +#: sssd-ad.5.xml:826 sssd-ad.5.xml:901 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9535,19 +10011,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:849 +#: sssd-ad.5.xml:844 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:852 +#: sssd-ad.5.xml:847 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:866 +#: sssd-ad.5.xml:861 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9555,7 +10031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:857 +#: sssd-ad.5.xml:852 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9567,29 +10043,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:874 +#: sssd-ad.5.xml:869 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:889 +#: sssd-ad.5.xml:884 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:898 +#: sssd-ad.5.xml:893 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:901 +#: sssd-ad.5.xml:896 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:914 +#: sssd-ad.5.xml:909 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9597,12 +10073,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:924 +#: sssd-ad.5.xml:919 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:927 +#: sssd-ad.5.xml:922 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9615,57 +10091,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:940 +#: sssd-ad.5.xml:935 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:944 +#: sssd-ad.5.xml:939 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:949 +#: sssd-ad.5.xml:944 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:954 +#: sssd-ad.5.xml:949 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:959 +#: sssd-ad.5.xml:954 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:964 +#: sssd-ad.5.xml:959 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:969 +#: sssd-ad.5.xml:964 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:974 +#: sssd-ad.5.xml:969 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:980 +#: sssd-ad.5.xml:975 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:986 +#: sssd-ad.5.xml:981 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:989 +#: sssd-ad.5.xml:984 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9673,17 +10149,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:995 +#: sssd-ad.5.xml:990 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:1001 +#: sssd-ad.5.xml:996 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1004 +#: sssd-ad.5.xml:999 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -9693,12 +10169,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1013 +#: sssd-ad.5.xml:1008 msgid "Default: 86400:750 (24h and 15m)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1014 +msgid "ad_update_samba_machine_account_password (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1017 +msgid "" +"If enabled, when SSSD renews the machine account password, it will also be " +"updated in Samba's database. This prevents Samba's copy of the machine " +"account password from getting out of date when it is set up to use AD for " +"authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:1030 +msgid "ad_use_ldaps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1033 +msgid "" +"By default SSSD uses the plain LDAP port 389 and the Global Catalog port " +"3628. If this option is set to True SSSD will use the LDAPS port 636 and " +"Global Catalog port 3629 with LDAPS protection. Since AD does not allow to " +"have multiple encryption layers on a single connection and we still want to " +"use SASL/GSSAPI or SASL/GSS-SPNEGO for authentication the SASL security " +"property maxssf is set to 0 (zero) for those connections." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1022 +#: sssd-ad.5.xml:1053 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -9709,19 +10215,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1052 +#: sssd-ad.5.xml:1083 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1068 +#: sssd-ad.5.xml:1099 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1081 +#: sssd-ad.5.xml:1112 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -9731,12 +10237,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1104 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:1135 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1211 +#: sssd-ad.5.xml:1242 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -9744,7 +10250,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1218 +#: sssd-ad.5.xml:1249 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -9759,7 +10265,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1238 +#: sssd-ad.5.xml:1269 #, no-wrap msgid "" "access_provider = ldap\n" @@ -9768,7 +10274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1234 +#: sssd-ad.5.xml:1265 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -9776,7 +10282,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1275 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -9786,7 +10292,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1252 +#: sssd-ad.5.xml:1283 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -10828,7 +11334,7 @@ msgstr "" #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"home directory of the user. See <citerefentry> <refentrytitle>k5login</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " "Please note that an empty .k5login file will deny all access to this user. " "To activate this feature, use 'access_provider = krb5' in your SSSD " @@ -13905,10 +14411,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:225 -#, fuzzy -#| msgid "Default: 3" msgid "Default: 64" -msgstr "默认: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd-kcm.8.xml:230 @@ -13924,10 +14428,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-kcm.8.xml:237 -#, fuzzy -#| msgid "Default: 3" msgid "Default: 65536" -msgstr "默认: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:247 @@ -15430,10 +15932,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap-attributes.5.xml:968 -#, fuzzy -#| msgid "SERVICES SECTIONS" msgid "SERVICE ATTRIBUTES" -msgstr "服务部分" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap-attributes.5.xml:972 @@ -15670,6 +16170,104 @@ msgstr "" msgid "AUTOFS ATTRIBUTES" msgstr "" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1184 +msgid "IP HOST ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1188 +msgid "ldap_iphost_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1191 +msgid "The object class of an iphost entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1194 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: ipHost" +msgstr "默认: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1200 +msgid "ldap_iphost_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1203 +msgid "" +"The LDAP attribute that contains the name of the IP host attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1213 +msgid "ldap_iphost_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1216 +msgid "The LDAP attribute that contains the IP host address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1220 +msgid "Default: ipHostNumber" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap-attributes.5.xml:1229 +msgid "IP NETWORK ATTRIBUTES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1233 +msgid "ldap_ipnetwork_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1236 +msgid "The object class of an ipnetwork entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1239 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: ipNetwork" +msgstr "默认: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1245 +msgid "ldap_ipnetwork_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1248 +msgid "" +"The LDAP attribute that contains the name of the IP network attributes and " +"their aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap-attributes.5.xml:1258 +msgid "ldap_ipnetwork_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1261 +msgid "The LDAP attribute that contains the IP network address." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap-attributes.5.xml:1265 +msgid "Default: ipNetworkNumber" +msgstr "" + #. type: Content of: <variablelist><varlistentry><term> #: include/autofs_attributes.xml:3 msgid "ldap_autofs_map_object_class (string)" @@ -15816,8 +16414,8 @@ msgstr "" #. type: Content of: <refentryinfo> #: include/upstream.xml:2 msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." -"io/SSSD/sssd/</orgname>" +"<productname>SSSD</productname> <orgname>The SSSD upstream - https://github." +"com/SSSD/sssd/</orgname>" msgstr "" #. type: Content of: outside any tag (error?) @@ -16474,40 +17072,47 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:81 include/debug_levels_tools.xml:62 msgid "" +"<emphasis>10</emphasis>, <emphasis>0x10000</emphasis>: Even more low-level " +"libldb tracing information. Almost never really required." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:86 include/debug_levels_tools.xml:67 +msgid "" "To log required bitmask debug levels, simply add their numbers together as " "shown in following examples:" msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:85 include/debug_levels_tools.xml:66 +#: include/debug_levels.xml:90 include/debug_levels_tools.xml:71 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, critical failures, " "serious failures and function data use 0x0270." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:89 include/debug_levels_tools.xml:70 +#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 msgid "" "<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " "function data, trace messages for internal control functions use 0x1310." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:94 include/debug_levels_tools.xml:75 +#: include/debug_levels.xml:99 include/debug_levels_tools.xml:80 msgid "" "<emphasis>Note</emphasis>: The bitmask format of debug levels was introduced " "in 1.7.0." msgstr "" #. type: Content of: <listitem><para> -#: include/debug_levels.xml:98 include/debug_levels_tools.xml:79 +#: include/debug_levels.xml:103 include/debug_levels_tools.xml:84 msgid "<emphasis>Default</emphasis>: 0" msgstr "" #. type: Content of: outside any tag (error?) #: include/experimental.xml:1 msgid "" -"<emphasis> This is an experimental feature, please use https://pagure.io/" +"<emphasis> This is an experimental feature, please use https://github.com/" "SSSD/sssd/ to report any issues. </emphasis>" msgstr "" @@ -16789,7 +17394,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:43 -msgid "ldap_sasl_mech = gssapi" +msgid "ldap_sasl_mech = GSS-SPNEGO" msgstr "" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para>